ESET: Home? Office; Or both?

How can organizations reduce the risk of a cyber attack when an ever-changing mix of employees moves in and out of the office?

The pandemic may be receding, but distance work has come to stay. In this environment, the hybrid work model seems to stand out, with a large number of staff working from home a few days a week, but also having to come to the office the rest.cyber security

The solution of the hybrid work model will combine the advantages of "both worlds" for the staff and the employers. But as we have seen from the beginning of the pandemic, distance work has created the perfect conditions for cybercriminals.
The hybrid working model comes bundled with some security challenges
So how big is the risk for organizations as they adopt a new work model?

An ESET survey found that 80% of companies internationally believe that home-based workers have the knowledge and technology needed to deal with cyber threats.

However, in the same study, three-quarters (73%) of businesses admitted that they were likely to experience a cyber security incident, and 50% said they had already been the victim of a cyber attack in the past.

Certainly, this divergence of views does not contribute to the development of a concise cyber security plan.

The fact is that the companies are facing great challenges - many of which were observed during 2020 and the first part of 2021.

These challenges include:

The human factor

Ask any cybersecurity professional and they will probably tell you that the weakest link in the corporate security chain is the employee himself.

That is why we have seen e-fishing campaigns being used extensively in the early days of the pandemic to entice users who were feeling hopeless after the latest crisis news.

As of April 2020, Google claimed to isolate over 240 million COVID-themed spam messages and 18 million phishing emails daily () or emails that contained malicious programs (malware).

We don't realize it, but those who work from home are more at risk because they can be distracted by roommates or family members, and are therefore more likely to abstractly click on links. Contacting IT support or checking a suspicious email from a colleague is difficult when working remotely, and personal laptops and home networks may also offer less protection against malware.

In fact, now that employees are slowly returning to the office, there is concern that they may bring with them bad habits they have adopted over the past 18 months.

Challenges in technology and cloud

During the pandemic the remote work infrastructure was exposed. ESET reported a 140% increase in RDP attacks in the third quarter of 2020.
At the same time, last year the extensive adoption of new cloud services caught the attention of cybercriminals. Typically, 41% of companies surveyed by the Cloud Industry Forum still believe that the office is a more secure environment than the cloud.

Additionally, a hybrid workplace will undoubtedly require even more transportation μεταξύ απομακρυσμένων εργαζομένων, διακομιστών cloud και υπαλλήλων που βρίσκονται στα γραφεία. Αυτή η πολυπλοκότητα θα απαιτήσει προσεκτική .

How to design a safer hybrid workplace?

The good news is that while protecting the new hybrid workplace will be difficult, there are best practices that can guide corporate cybersecurity executives.

In this context, the Zero Trust model is gaining popularity as a way to manage office workers and those who work from home through cloud-based systems.

Today, there should be no blind trust in devices and users within the corporate network. Multiple technologies will be required for the model to work properly: from multi-factor authentication (MFA) and end-to-end encryption, to network detection and response, partitioning strategy and more.

But before they even think of implementing new ones and security technologies, organizations will need to rewrite their policy for the new hybrid workplace from scratch.
This policy should include: access rights for individual employees, remote connection procedures, off-office data management and user cyber security responsibilities, among many other elements.

Finally, the recipe for a successful cyber security policy should include regular training and awareness raising for all employees.
Because the human factor may be the weakest link in security, but it is also the first line of defense.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
eset, security, iguru, iguru.gr

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).