At home, the situation is different: employees are more relaxed and maybe distracted by roommates or private activities. They often don’t think about the safety of their jobs. Employees connect to the corporate network from home with too little care, but all the systems connected to it are susceptible to cyber-attacks.
Create Technical Requirements
However, human behavior is not the only factor that, before Covid-19, had often prevented companies from enabling employees to work from home. Because organizations have to provide their employees with the appropriate solutions if required: laptops, mobile phones, modems, routers, reliable broadband connections, VPNs, firewalls, access to corporate systems, networks and data, access to systems and data from partners and suppliers, communication and collaboration tools and enterprise applications. In all cases, the strongest focus should be on security.
In many industries, however, the IT infrastructure and risk & compliance teams are not used to taking the existing high compliance requirements into account for employees in the home office. But this is now part of the overall infrastructure support and management requirements.
Malware Spread Increased Sharply
In addition to traditional and more predictable attacks, researchers discovered two innovative corona-related malware attacks in early March. They were successful at the time because users searched for information about the virus and unintentionally fell victim to these attacks.
One of these attacks used a phishing email to spread the Remcos RAT malware. She used obfuscation and anti-debugging methods so that the malware was not recognized and could spread accordingly. The second attack used an MS Office document to open a back door to the systems.
Check Point has now discovered 4,000 websites related to the Coronavirus. Three percent of them are malignant and another five percent have been classified as suspicious.
Introduce New Cybersecurity Processes
The infrastructure teams must now also take into account that working at home will attract a large number of hackers and cybercriminals. Therefore, they need to implement new cybersecurity processes that enable.
Inform Employees Of The Threats
Security threats include phishing attacks, malware, viruses, scareware, spyware, worms, misleading applications downloaded on endpoint systems, etc.
User Identity And Access Management
To increase the level of security. Only verified and authenticated devices and users with multi-factor authentication are permitted.
Use Your VPN If This Is Economically Feasible
Although this proven method is relatively complex and expensive, it is necessary for sensitive or business-critical environments.
Use Cloud-Based Solutions For VPNs For The Home Office
These include relatively inexpensive solutions that are available on request and can be quickly installed for use.
Introduce Security Policies, Methods & Processes
To enforce data protection requirements. Depending on the development, the guidelines must be kept up to date.
Extend Patch Management
To all remote devices and endpoints. If companies give cybersecurity the necessary attention, employees can work safely, efficiently, and cost-effectively from home – and usually in a pleasant environment. This is how virtue can be made out of necessity: by introducing a sustainable lifestyle and a secure digital way of working.