Endpoint Management

Addressing remote work challenges with prey's solutions

juanhernandez@preyhq.com
Juan H.
Dec 5, 2022
0 minute read
Addressing remote work challenges with prey's solutions

The adoption of remote work methodologies is probably one of the only few good things that came out of the 2020 COVID pandemic. The ability to just sit anywhere with an internet connection and start working did wonders for those that spent too much time commuting and those that preferred to stay at home. But moving from a building to a cloud isn’t as easy as flipping a switch, and we at Prey know that too well.

We started working fully from our homes -and sometimes far away from it during our travels around the world- at the start of the COVID pandemic, as the quarantine hindered our work-related activities. But we have to confess that we had it easy, as we used to have a hybrid-work model which luckily made it possible for us to move over to a fully remote work environment without much of a problem.

But we know first-hand that remote work isn’t free of problems, in fact, according to our in-house research, almost 92% of companies noted an increase in cybersecurity threats after its adoption. But that’s something that was bound to happen, the increased number of mobile endpoints connected to delicate computer systems coupled with the adoption of cloud-based software in both remote and traditional offices has set up the basis for a myriad of cyberthreats to appear, and luckily, we have the tools to fend them off.

Asset Tracking

Having a remote office means having a lot of mobile endpoints, which in turn means having a lot of entry points into delicate software systems and data. Every business, remote or not, needs to keep track and record of every endpoint that is connected to its systems and networks, as it’s an excellent way to identify which devices are used, which ones aren't and even which ones are lost, stolen, or at risk of being stolen.

Losing something like a smartphone or a laptop that is connected to a business system is a huge cybersecurity risk, as it presents the opportunity for cybercriminals to use such endpoints to access some very valuable data.

Here’s what a cyber-criminal can access through every worker’s phone or laptop:

  • Cloud-based workspace tools and their data (Notion, Confluence, Jira, slack, etc.)
  • Contact info of coworkers (e-mail, personal numbers, social media profiles, etc.)
  • Cloud data management software and its data (Google Drive, iCloud, Azure Cloud, OneDrive, etc.)
  • Valuable documents 

Oh, and let’s not forget that sometimes the real asset is the endpoint itself. We’ve all heard the stories of the Apple engineer who lost a prototype iPhone, and more recently that of a prototype Pixel Watch lost by the very person that was testing it. Keeping track of our endpoints through tracking tools is the best way to ensure that our devices stay in our hands.

How Prey can help

Here at Prey, we can keep track of every smart device in an organization, as long as they install our software and give us the necessary permissions, that is. Through our tools, any IT Team can keep track of a device, who is its owner, if there has been a change in its hardware, the networks to which that device has connected, and of course, where that device is even if it doesn’t have GPS capabilities.

We track associated devices using a mix of GPS, Wi-Fi triangulation, and Geo-IP to accurately locate devices. This allows us to do some very useful actions, as we can even track devices with no active or physical GPS as long as it has Prey installed and Wi-Fi capabilities, such as a worker’s laptop or PC.

This also allows us to set geofences, which are virtual perimeters or boundaries over geographic zones of interest. These boundaries can be used to set triggers, such as when leaving or entering a geofence, like setting warnings for employees that take their devices out of their working premises or when said devices enter a potentially dangerous zone.

Here’s a list of what you can do with our tracking tools:

  • Know where your device has been in the last month
  • The exact time a location was detected
  • Set up email alerts and automatic actions when a device enters or leaves a Control Zone (Geofence)
  • If at any point, you mobile or laptop is stolen, you can set it to Missing mode and it will start collecting location data and generating reports on a frequency that you can determine. Reports will include pictures from available cameras, screenshots for laptops, and other useful data to help you with the recovery of your device.

Data Protection

If a cybercriminal wants to access valuable information it will try any means necessary to obtain it. In today’s cloud-based work ecosystem these criminals don’t even need to steal an endpoint to have access to its data, as they can access computer systems through insecure networks or attacking less protected endpoints.

Remember, your network is only as secure as its less protected endpoint, which is why hackers can, and will, use the IoT to find vulnerabilities in a system that they want to attack. It might sound funny at first, but even a mundane device like a printer can be hacked to access a poorly secured network.

According to the Cost of a Data Breach Report from IBM, the average cost of a data breach is $4,35 million, and the average cost of a ransomware attack is even higher at $4,54 million, so there are literally millions of reasons why a company should protect its data. Oh, and do keep in mind that we didn’t count the cost of the ransom itself, which averages $821,359.

How Prey can help

Prey can be installed in laptops and computers, both Windows and iOS, to restore them to their default settings remotely, which can help with both the off-boarding and on-boarding of employees and students that rely on these devices.

It can also use BitLocker to remotely encrypt and decrypt compatible Windows laptops and computers. This allows for a quick response to prevent data leaks and to safeguard the data inside stolen or lost devices, and even reduce the risk of a data breach as it can be encrypted  to prevent breaches. It can also be used in conjunction with geofencing, as an IT Admin can remotely disable or block a device after getting an automated alert from a device that has been taken out of a designated safe zone.

And in cases of emergencies, Prey can also be used to remotely render a Windows device unusable with a button. Our Kill Switch feature destroys the device's Master Boot Record, which as its name suggests, prevents it from booting into a usable state. This is a nuclear option that can be used to block a threat actor from accessing the data on a stolen laptop or computer, and also with former employees that refuse to return their borrowed devices.

Here’s a list of what you can do with our data protection tools

  • Instructing BitLocker to encrypt or decrypt your devices remotely
  • Various degrees of Wipe options: Kill Switch for a fast way to disable the device, Factory Reset to make sure that all data was erased and Custom Wipe to choose what is going to be deleted.
  • Custom Wipe can be set up to be activated when a device moves in or out of a Control Zone.

Theft and misuse of endpoints

As we previously mentioned, the number of endpoints connected to a business software system has exponentially increased since the mass adoption of remote work. Now, let’s keep in mind that some of these endpoints are owned by the employees, as some organizations implement or allow BYOD policies to save costs and speed up their onboarding process.

While this isn’t inherently a bad practice, it increases the number of cybersecurity risks that these endpoints are exposed to. According to our in-house report, ever since the start of the COVID pandemic over 60% of businesses have seen an increase in endpoint misuse. Any organization that wants to implement BYOD policies needs to assess the risks associated with said practice and implement measures to protect the organization's systems against the misuse of the devices connected to them.

These are some common dangerous uses given to endpoints:

  • Downloading and using pirated or unsafe software and/or apps
  • Visiting unsafe websites
  • Connecting to unsecured networks
  • Sharing or lending their devices to other people
  • Contacting and interacting with people from outside their work environment
  • Leaving their devices unsupervised

The dangers of losing an endpoint

Losing a mobile device is also a security issue, as the information stored on these devices can be stolen without much effort if they do not have protection measures, such as data encryption or tracking software. It’s wise to have measures in place to prevent the risks that stem from a stolen device, as while it isn’t uncommon for stolen devices to be wiped and sold, there are instances where the data in them was stolen.

It’s also important to note that the risk of simply losing a device is also present, and that it can lead to the same problems that stolen devices have. This is why employees must have the means to easily report lost and stolen assets, as the quicker an organization knows about them, the more prepared they will be to act.

The following are some confirmed examples of data obtained from a stolen device:

  • Raley’s: Data of 10,000 customers leaked from a stolen laptop.
  • Government of Canada: Data of 33,661 residents taken from a stolen laptop.
  • Eir: Data of 37,000 customers stolen from an unencrypted laptop.
  • Glasgow City Council: Data of over 20,000 residents from 2 stolen unencrypted laptops.

How Prey can help

While we cannot prevent theft and misuse of endpoints, we have tools that minimize the cybersecurity risks these problems cause. Our stellar tracking tools can be used to recover lost or stolen devices, even if they don’t have GPS capabilities, which is how we can keep track of laptops and computers.

Our geofencing tools can also be used to define certain geographical zones as safe or dangerous and set triggers to notify both users and admins of when they are entering or exiting such zones. Said triggers can also be used to encrypt or wipe data with haste on devices that are taken out of their designated safe spaces.

With our Activity Log and Location History tools it is possible to perform an audit to find out changes like which networks a device has been connected to, the IP that a device is using, what hardware changes have been made to a device, where it has been, and more. This can help identify potential dangerous activities that could lead to a breach, and even determine what activities may have caused it should it happen.

Here are some Prey tools that can be used to minimize the impact of endpoint misuse and theft

  • Lift a Screen Lock! You can also automate them to be activated on an exact time, or at a repeat time on a date range. You can set it up to run after a pre-defined number of days has passed without the device connecting to Prey! 
  • You can sound a Remote Alarm, or set it up to automatically sound when a device passes through a Control Zone.
  • If at any point, a device goes missing or is stolen, you can set it to Missing mode and it will start collecting location data and generating reports on a frequency that you can determine. Reports will include pictures from available cameras, screenshots for laptops, and other useful data to help you with the recovery of your device.

Compliance and standards

Nowadays, it is normal for any organization to store data about its users, be it personal, financial, or health-related, which is why it is necessary to protect the systems that store such information against breaches and theft. Every company needs to comply with cybersecurity rules such as HIPAA and GDPR, not only because it is a legal requirement in many countries, but also because it is a good way to prevent cyberattacks and be prepared to patch them out.

Being compliant with cybersecurity standards goes beyond encrypting data, as it is necessary to comply with a series of security requirements that strengthen a company's systems. This is why many organizations require more than one solution to comply with these regulations.

How Prey can help

Prey can help organizations be compliant with regulations such as NIST 800-171, which deals with procedures that protect the confidentiality of controlled unclassified information (CUI), and with NIST SCF, which enables companies to maintain secure processes, systems, and applications. It is why our software is listed in NIST’s Computer Forensics Tools & Techniques Catalog.

Our tools can also help organizations comply with HIPAA by providing the necessary measures to secure protected health information (PHI).  Our encryption tools can be used to encrypt patients' PHI, and our data erasure tools can remotely delete any data that needs to be deleted, both of which are required for HIPAA compliance.

Here are some Prey tools that help with being compliant with cybersecurity standard

  • Protect the data of customers and employees using encryption
  • Remotely delete Protected health information

Discover

Prey's Powerful Features

Protect your devices with Prey's comprehensive security suite.