- Why DNSFilter
by Frank Ahan on Jan 10, 2023 12:00:00 AM
Coworking offices have been growing in popularity, making news headlines, and getting featured in TV shows, even before the pandemic. However the pandemic, and the post-pandemic fallout, has really been an impetus for businesses of all sizes to adopt the use of coworking offices. From five- to ten-year locked-in leases with static square footage, to no-commitment short term leases from three months to 2 years—the coworking option has made the most sense for many businesses.
A new set of cybersecurity risks and challenges were introduced by organizations moving from a traditional single-company office to a shared office.
In a shared coworking space organizations are sharing with up to a hundred different companies. They are often sharing the same spaces, networks, and devices.
On top of that, to provide a modern clean and welcoming aesthetic many of the spaces are designed with lots of glass and openings to allow for natural light to pass through.
Being that the coworking operators control the physical access to the offices, organizations using the space have little-to-no control over it.
There may be people in the offices who were not fully vetted: A guest for the day, a vendor, or even a malicious actor waiting to seize an opportunity to either grab devices or access unguarded ones and launch a threat via USB device.
When looking for a coworking office, determine if the building itself has a good access policy, such as front desk guards and keycard access to the floors on elevators.
Once in the shared offices, make it a policy to issue keys or cards to each employee and keep the offices that the organization uses locked at all times. If the operator allows, it is recommended to frost the glass of offices to prevent screens from being seen from the outside.
Internet and Network services provided by coworking operators vary—from just an ISP hook up, all the way to a personalized VLAN and Vanity SSIDs.
Many offices provide free wireless internet with a single password shared by everyone. This perk is actually a huge risk for an organization using coworking offices. Again, having non-vetted users or devices on the same network as the organization’s can lead to many vulnerabilities and risks. Packet sniffing, eavesdropping, network vulnerability scans, and brute force attacks on workstations are a few ways shared wired and wireless networks can expose the organization to unnecessary risks.
When selecting a coworking operator, an organization should check the different network and internet offerings. A segregated VLAN, wireless network that offers 802.1x protocols, and dedicated bandwidth are things that should be sought out when engaging a coworking office. On top of that, a mix use of firewall, VPN, and DNS service is incredibly important in a coworking environment.
Devices are at a huge risk in a shared office environment.
Employee device security should always be a top priority, but even more so when coworking offices are used. Common security threats include devices being stolen from common work areas, USB dongles attached to a device and payloads executed when an employee leaves their desk unattended, or even a stranger brazenly sitting down on a random device and installing a remote access application.
Device policies should be enforced, such as: Never leave a device unattended in a common open workspace, and devices should be password protected with auto screensavers that come up after a short interval of inactivity.
Employees should also be trained to keep an eye out for shoulder surfing, and be sure to keep monitor screens facing away from the hallways. Only approved wireless networks should be used by employees—never the public ones offered.
If common printers are offered, it is also recommended to not allow any confidential information to be printed at these devices. Instead, invest in a printer that can be used within the organization’s sole physical control.
As IT and Cybersecurity professionals, we need to be able to adjust and adapt according to business needs. With many organizations moving daily operations to coworking and shared offices, it is up to us to make sure networks and devices are secure.
These environments offer many new challenges and risks, but there are solutions and best practices for that—all that needs to be done is to implement them.
The impending Cisco Umbrella RC End-of-Life has many Umbrella users concerned about their next steps and questioning which protective DNS solution might be able to fill the gap for their organization.
This month there was a high level of focus on compliance issues spanning several focus areas from governments and oversight agencies around the world. And while there were actions taken with regard to specific vulnerabilities, a larger spotlight was placed on bigger picture security considerations in a more general context.
TL;DR: SASE is broadening—it is about more than just access! It is about endpoint protection and user-based access…and it's called Security Service Edge (SSE). All of the aspects of the joint NSA and CISA guidance on Protective DNS (PDNS) and user-level policies are part of the secure category, originally launched by Gartner in January 2022. Regardless, it’s been interesting to see the NSA and CISA create guidance recognizing the breadth of cyber...