Many companies, including those in Belarus, switched to remote work in the spring because of the coronavirus. According to polls, some people liked this format. For example, according to Gartner, 74% of companies are ready to move up to 5% of staff to work from home on an ongoing basis when the pandemic is over. For most of the world, remote work on this scale is undoubtedly a new experience.
Alongside its advantages, working from home also carries risks, primarily to the safety of corporate data and finances. In a home office, employees' digital literacy matters far more, because the human factor is still one of the most common causes of cyber incidents in companies.
Ideally, employees sent to work remotely should be given a work laptop, a token, and configured secure access to all important tools, including mail, instant messengers and file sharing. The device must have a strong security solution and a VPN, and a password must be set. All programs and applications in use must be updated, and backup and encryption must be configured.
But, of course, this is not always the case, especially in small firms. This largely explains why user behavior during remote work is becoming riskier in terms of cybersecurity. Judge for yourself: all activity, both work and personal, is performed on the same device, which most often has no protection.
Providing these basic protections is primarily the responsibility of the employer, since it is the employer that will suffer in the event of an attack. Meanwhile, according to statistics from Kaspersky Lab, 73% of employees around the world who switched to remote mode did not receive any specific recommendations on information security, even though it is the degree of security of home computers connected to corporate networks that determines the safety of commercial information in a home office. Among the data that attackers can hunt for are customer bases, any classified work information and, of course, the company's cash flows.
Since the transition to remote work took place quite abruptly, companies urgently needed special software that would allow employees to access internal systems from outside the office. Attackers immediately took advantage of this. We recorded a surge in attacks on the infrastructure of organizations whose employees started working from home in the spring. In particular, at the end of April 2020, the average daily number of brute-force attacks on devices that support a protocol for remote connection to a computer increased by 23% compared to January of the same year.
In addition, connecting to a corporate network from a home office carries the risk that other equipment connected to the home router can be used by attackers as an entry point into the corporate system. The router itself can be a convenient gateway if it still has its factory password and VPN technology, which lets a computer communicate with the corporate network over a secure channel, is not used. This is most often the case, because, according to our data, only 53% of people around the world work via VPN.
Work calls from home devices
With the transition to remote work, companies faced the issue of effective communication with employees. In Belarus, as we can see from one poll, Skype topped the rating of the most popular tools: almost 58% of remote workers use it. Slack and Zoom are also in the top 3. The least popular communication channel was Facebook. In addition, some companies use Google Hangouts, Google Meetings, Lifesize and Discord. The services are convenient, but they need to be used with a certain amount of care.
To avoid problems, follow a few simple rules: do not publish links to online meetings on public resources; create a separate, complex password for each new conference; and set up a "waiting room" and two-factor authentication, if the service provides them.
Shadow IT
It is difficult to find software tools that please the entire staff. There will always be an employee who says that he knows a much more convenient file hosting or video communication platform than the one offered by the company and recommends it to colleagues. Before long, half of the office is communicating in messengers and chats not approved by the IT service, or uploading links to unapproved (and possibly insecure) clouds. This phenomenon is called "shadow IT". With remote work, the demand for such tools is gaining momentum. According to a survey conducted this spring, 38% of employees around the world communicate using messengers that are not approved by their companies' IT departments, and 53% use "shadow" cloud storage.
Last year, we conducted a survey which showed that every fourth Belarusian user downloads applications or programs needed for work from unofficial resources. What, then, can be said about today? The problem with such resources is that IT departments cannot guarantee the safety of the data transmitted through them, nor take them into account when building a threat model and creating flow diagrams.
The more hype, the more fakes
Attackers always turn the news agenda in their favor and, of course, did not fail to take advantage of the hype around the coronavirus. For example, in the spring they created emails that looked like mailings from the World Health Organization and set up phishing sites exploiting this topic.
Back in April, Kaspersky Lab experts said that in the first four months of the year they had discovered more than 4,600 suspicious sites whose names include the words covid19 or coronavirus. Such resources are still appearing, except that their subject matter changes somewhat.
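The same name-based signal can be applied defensively to an organization's own DNS or proxy logs. The sketch below is an added example, not part of the original article; the log format, the allowlisted internal zone and the sample lines are constructed assumptions.

```python
import re

# The two words named in the article, tolerant of a hyphen and of
# common digit-for-letter swaps (c0vid, cor0na, v1rus).
PATTERNS = {
    "covid19": re.compile(r"c[o0]v[i1l]d-?19"),
    "coronavirus": re.compile(r"c[o0]r[o0]n[a4]-?v[i1l]ru[s5]"),
}

# Hypothetical zone the IT department itself operates; never flagged.
ALLOWLIST = {"hr.corp.example"}

# Constructed sample: "<timestamp> <client ip> <queried name>"
SAMPLE_DNS_LOG = """\
2020-04-21T09:14:02Z 10.0.8.15 covid19-relief.example.
2020-04-21T09:14:40Z 10.0.8.22 mail.corp.example.
2020-04-21T09:15:11Z 10.0.8.15 c0ronavirus-map.test.
2020-04-21T09:16:03Z 10.0.8.31 covid19.hr.corp.example.
2020-04-21T09:17:55Z 10.0.8.22 COVID-19-update.example.
2020-04-21T09:18:20Z 10.0.8.40 videocall.example.
"""

def is_allowed(name):
    """True if the name is an allowlisted zone or a subdomain of one."""
    return any(name == a or name.endswith("." + a) for a in ALLOWLIST)

def screen(log_text):
    """Return {domain: {"keyword": str, "clients": set}} for names to review."""
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing the whole run
        _timestamp, client, qname = parts
        name = qname.lower().rstrip(".")  # DNS names are case-insensitive
        if is_allowed(name):
            continue
        for keyword, pattern in PATTERNS.items():
            if pattern.search(name):
                entry = hits.setdefault(name, {"keyword": keyword, "clients": set()})
                entry["clients"].add(client)
                break
    return hits

if __name__ == "__main__":
    for domain, info in sorted(screen(SAMPLE_DNS_LOG).items()):
        print(domain, info["keyword"], sorted(info["clients"]))
```

A match is a prompt for review, not proof of phishing, and the recorded client addresses show which workstations to check first.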
What's next?
The remote mode of work has clearly shown companies how employees' ignorance of the basic rules of network security can threaten them. Today, digital literacy, that is, knowledge of the rules of cyber hygiene that let you navigate the Internet without compromising personal and corporate data, is becoming a critical skill.
So far, a person remains the weakest link in the information security chain, but gradually the level of user awareness is growing. I hope that organizations will begin to conduct systematic training for employees, especially since some of them will most likely continue to work from home.