Workplace
Employees work at kitchen and dining tables in the home office, in bedrooms or even in children’s rooms. Because space is limited and the WiFi signal is not equally strong everywhere. However, such a workplace entails several dangers for corporate IT, especially when the whole family is at home.
Notebooks or iPads can be damaged by small children; older children like to try their hand at their parents’ devices out of curiosity. They may delete important data or accidentally print them out. Drinks on kitchen and dining tables are also a risk factor – especially if you share the table with two school children. Employees must therefore take special precautions at home.
A separate – lockable – workspace is ideal. If necessary, the connection signal can be optimized with a WLAN repeater. Anyone who works in the kitchen or living room should lock the screen when leaving the workplace and lock the notebook in a lockable desk or cupboard after work.
Bring your device
The use of personal devices at work was a trend even before Corona. In the home office, many companies now say, “Use your device”. But when remote end devices are used, companies lose control over the protection of their data. Outdated computers with update gaps and missing virus scanners offer hackers easy access to sensitive data.
Cloud
Cloud applications and collaboration services are very useful for decentralized work from home. But the protection mechanisms of the cloud providers do not meet the security requirements of most companies. In addition, the majority of cloud providers are based abroad. Placeholders that only contain metadata are set in the cloud. The user data is fragmented and stored in the company network or at another location. Even in an attack on the cloud, the confidential content remains unreadable for unauthorized persons.
Email applications
Email applications on mobile devices make working from home a lot easier. However, there are always security holes that allow hackers to crack such applications. Apple’s email application is currently affected. The attacks usually go completely unnoticed. With the iOS 13 update, the malicious email can apply the malicious code to the iPhone without being read. If hackers have hijacked the device, they can delete this email and cover their tracks.
Hard disk
Organizations with high-security requirements, in particular, should equip their employees’ notebooks with hard disk encryption. Only authorized users can then use their data and the operating system via multi-factor authentication. If the device is lost or stolen, third parties can’t access the data.
Also Read: Avoid Debts With Social Security
Hacker
Hackers take advantage of the corona crisis. With a deluge of phishing emails, newly developed malware and fake information, they are trying to capitalize on the crisis. For companies, this can worsen the already tense economic situation. Comprehensive IT protection is, therefore, more important than ever for every company.
Internet
Even before the Corona crisis, the following was true: 70 per cent of hacker attacks come from the Internet. The current need for information exacerbates this risk even more. Malware is smuggled onto computers via fake websites, emails or graphics that come from apparently trustworthy sources. The best protection against attacks from the Internet is a virtual browser like the R & S®Browser in the Box. If this is used, cybercriminals have no chance.
Employee
No matter how elaborate a security concept maybe, people remain the weak point. Employees open phishing emails and download dangerous email attachments, unsuspectingly revealing their access passwords to unauthorized persons who pretend to be IT, service providers on the phone, and they lose important security updates. In the home office – when the IT administrator is far away – the responsibility of each individual is particularly great. In addition to the right IT security technology, employees’ training and sensitization are crucial for IT security in the company.
Passwords
Passwords protect applications from unauthorized access. And “1234” or “Password” offer no protection against hackers at all. But common passwords are easy to crack. Good passwords are passphrases like “We encrypt data carriers!” Or “Don’t connect cells in Excel”. Such sentences are easy to remember and type but difficult to crack. They should be supplemented with symbols, numbers or capital letters. In order not to lose track, it is helpful to use a password manager.
USB stick
USB storage devices come in handy when you need to transfer large amounts of data. The USB stick is also popular for decentralized work in the home office. Often, however, sticks are used whose origin no one knows anymore. In this way, malware can get onto company computers. Employees should therefore not connect any USB storage devices to company computers.
Video conferencing
Video conferences are booming in the corona crisis. However, they often offer hackers a gateway into corporate IT. Example Zoom: Access to a Zoom conference is relatively easy for unauthorized persons. Not only can intruders gain access to sensitive information this way, but They can also use the chat functions to forward links to smuggling malware onto the devices. Instead, companies should rely on conference systems that can be opened via the browser. Attackers can then be isolated with the help of a virtual browser.
Wireless Internet Access
A WLAN connection makes working from home a lot easier. However, it is also a security risk. Because WiFi networks offer hackers the opportunity to access data, hackers can also inject computer viruses and Trojans into a system via poorly or unsecured WLANs. Most important security measures: On the one hand, the standard administrator password should be replaced by a new, strong password, and, on the other hand, WPA2 encryption should be activated.
Zero-day exploits
Patches and updates are an important protection against hacker attacks. However, these are only available if the manufacturer has already recognized the security gap. Therefore, the greatest threat is attacks that exploit a vulnerability before it has been discovered and closed. Antivirus software cannot stop such a “zero-day exploit”. The only possible protection is the isolation of the infiltrated malware in a virtual browser.
Also Read: Security In IoT Devices A Pending Issue