{"id":3651,"date":"2021-05-24T10:12:03","date_gmt":"2021-05-24T08:12:03","guid":{"rendered":"https:\/\/10guards.com\/?p=3651"},"modified":"2021-05-31T16:34:46","modified_gmt":"2021-05-31T14:34:46","slug":"work-from-home-as-the-new-threat-gateway","status":"publish","type":"post","link":"https:\/\/10guards.com\/es\/blog\/2021\/05\/24\/work-from-home-as-the-new-threat-gateway\/","title":{"rendered":"Work from Home As The New Threat Gateway"},"content":{"rendered":"<p class=\"qtranxs-available-languages-message qtranxs-available-languages-message-es\">Disculpa, pero esta entrada est\u00e1 disponible s\u00f3lo en <a href=\"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/posts\/3651\" class=\"qtranxs-available-language-link qtranxs-available-language-link-en\" title=\"en\">en<\/a>, <a href=\"https:\/\/10guards.com\/ru\/wp-json\/wp\/v2\/posts\/3651\" class=\"qtranxs-available-language-link qtranxs-available-language-link-ru\" title=\"ru\">ru<\/a> y <a href=\"https:\/\/10guards.com\/ua\/wp-json\/wp\/v2\/posts\/3651\" class=\"qtranxs-available-language-link qtranxs-available-language-link-ua\" title=\"ua\">ua<\/a>.<\/p><p>The world shifted to a remote work model in response to the COVID-19 pandemic last year. At first, that was more necessity than preference, but today some employers are not going to return to their former office mode.<\/p>\n<p>&nbsp;<\/p>\n<p>However, one less obvious but nevertheless critical challenge relates to cybersecurity risks due to distributed work environment. Work-from-home employees are at much greater risk than those in offices. Firstly, cybercriminals have an easier entry into the company network, as home connections are less secure.\u00a0\u00a0Secondly, various online tools, solutions, and services for collaboration and productivity tend to have the minimum of the security default settings, and updates from third-party vendors can change security preferences and be easily overlooked.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>The biggest threat for working from home employees is phishing and ransomware.\u00a0\u00a0It appeared that working at a traditional office employees showed a lower propensity to click on phishing emails.<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Ransomware is also a common threat in the work-from-home model.\u00a0\u00a0If the workers\u2019 connection to the organization is blocked, it is more difficult to get assistance from the right experts and authorities.\u00a0\u00a0Furthermore, some workers are concerned that they have \u201cdone something wrong\u201d and so may be more reluctant to ask for help. While this risk can be addressed by regular training on digital hygiene, it cannot guarantee the outcome.<\/p>\n<p>&nbsp;<\/p>\n<p>A few things about trainings increasing the cybersecurity awareness of employees. Comprehensive and frequent\u00a0cybersecurity trainings can no longer be considered a \u2018nice to have\u2019 for businesses\u2014it\u2019s now absolutely crucial for organizations that are facing an ever-evolving array of cybersecurity threats in the current work-from-home environment.\u00a0\u00a0As a follow-up to training employees to detect phishing emails, organizations really need to invest in a robust, integrated suite of cybersecurity solutions that prevent, detect and mitigate ransomware attacks and other cybersecurity threats.<\/p>\n<p>&nbsp;<\/p>\n<p>Authorities need to recognize\u00a0three realities of cybersecurity in a distributed environment to fully address threats:<\/p>\n<ol>\n<li>Growth and virtualization of the workforce are accelerating events for more cyber risks.<\/li>\n<li>Cyber risk is not a problem with a defined endpoint.<\/li>\n<li>Humans (the employees) are the weakest link in any organization\u2019s security system.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p><strong>So, the first truth<\/strong>. The growth expands companies\u2019 interactions with the outside world, which means new communications with unfamiliar parties and their networks, namely increasing the companies\u2019 attack surface.\u00a0\u00a0Worse yet, because growth does not happen in a completely predictable way, it can be hard to manage cybersecurity.<\/p>\n<p>&nbsp;<\/p>\n<p>So, cybersecurity may be seen as a holdback to rapid growth. Let&#8217;s be realistic, the shareholders are unlikely to slow down the development process for the sake of cybersecurity.\u00a0 Therefore, keeping balance is vitally important.<\/p>\n<p>&nbsp;<\/p>\n<p>Fortunately, there are a number of ways to secure your organization without impacting productivity, such as the implementation of identity and access management solutions that include multi-factor authentication (MFA) and single sign-on (SSO) capabilities. Though MFA does involve an additional step when employees log in, SSO not only makes it easier for employees to log in to a number of key applications at once but also provides an easier way for IT administrators to adjust permissions to prevent unauthorized access.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Now the second truth<\/strong> is that\u00a0cybersecurity is not a problem that can be finally and definitively \u201csolved.\u201d\u00a0\u00a0Cyber-criminals are always looking to hack the most secure system, because they are constantly improving their skills.<\/p>\n<p>&nbsp;<\/p>\n<p>According to cybersecurity experts, problems have defined solutions, and often concrete endpoints, whereas cyber threats are not problems any more than criminality is a problem\u2014it is an ongoing challenge you need to address constantly.\u00a0\u00a0Like any crime, cyber risk has neither a defined solution nor a concrete endpoint. Cyber threats have multiple objectives, such as theft, destabilization, political issues, and laying the ground for later actions.\u00a0\u00a0Hackers range from governments to employees and there is no any clear solution nor any fixed rules for the game.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Finally, the third truth<\/strong> is that\u00a0humans are the weakest link in an organization&#8217;s security, so the biggest concern is how to address this problem.\u00a0\u00a0For many organizations defending against cyber risk is an expense or afterthought. In order to tackle these risks organizations must provide regular trainings and workshops to increase the cybersecurity awareness of all employees. Cybercrime is on the go, and your people need to be kept up to speed and educated continuously.<\/p>\n<p>&nbsp;<\/p>\n<p>As we can see, work-from-home is proving to be a game-changer\u00a0when it comes to corporate security, and any companies considering longer-term work-from-home or hybrid models must get more diligent in managing the work-from-home risks.<\/p>\n<p>&nbsp;<\/p>\n<p>Here we outline how to mitigate some of the cybersecurity risks in remote work:<\/p>\n<ol>\n<li>Apply updates\/patches on computers regularly; your IT department should take the lead in this effort.<\/li>\n<li>Use MFA (multi-factor authentication) whenever possible.<\/li>\n<li>Keep up-to-date on phishing\/security training and awareness for all employees.<\/li>\n<li>Make sure employees are comfortable reporting it immediately when they make a mistake or suspect something goes wrong.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p>Keep in mind that doing even the first two significantly improves your resilience.<\/p>","protected":false},"excerpt":{"rendered":"<p>Disculpa, pero esta entrada est\u00e1 disponible s\u00f3lo en en, ru y ua.The world shifted to a remote work model in response to the COVID-19 pandemic last year. At first, that was more necessity than preference, but today some employers are not going to return to their former office mode. &nbsp; However, one less obvious but [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":3652,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-3651","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-articles"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/10guards.com\/wp-content\/uploads\/remote-work.jpg","_links":{"self":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts\/3651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/comments?post=3651"}],"version-history":[{"count":6,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts\/3651\/revisions"}],"predecessor-version":[{"id":3658,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts\/3651\/revisions\/3658"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/media\/3652"}],"wp:attachment":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/media?parent=3651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/categories?post=3651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/tags?post=3651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}