One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1681636 |
| Date de publication | 2020-04-29 12:00:00 (vue: 2020-04-29 12:08:52) |
| Titre | Have you started working from home? Secure your endpoints! |
| Texte | This blog was written by an independent guest blogger. Due to recent international events, there are likely millions of people in the United States and around the world who have just started working from home. There are a lot of office jobs that could move from the company’s workplace to employees’ homes-- accountants, web designers, application developers, network administrators, lawyers, clerical jobs, stock traders, data entry people, call center agents, tech support agents, and probably many other white collar roles. I write web content about cybersecurity for a living, and I’ve always worked from home. Welcome to my world, millions of people! Try to save watching a TV show or playing a video game for after you’ve done your tasks for the day. But if your work has frustrated you by lunchtime, a nice long relaxing shower often helps. Maybe you have young children or pets at home who want your attention. You will need to shift your attention between playing Paw Patrol for your kids and walking the dog, and getting back to your task at hand. But there’s an upside. If you make yourself a yummy lunch and put your leftovers in the fridge, your coworkers won’t be able to steal them! Maybe your kid or spouse will, but you won’t resent them enjoying your pasta casserole. Now your home PC may be your office. And when you connect it to your company’s network, it will become one of its endpoints. Chances are your company’s network administrators and various security practitioners have taken some care to secure the endpoint (PC) that the company owns. Your user account probably has access to some files and folders on your employer’s servers, but no access to others. There’s likely some sort of information security policy that’s being enforced. If there’s some anomalous activity on your work PC, your IT department or security operations center should be investigating if it’s an indication of a cyber attack. But you’re not in your company’s office anymore. You’re at home. And your own home PC is just as attractive of a target to cyber attackers as the PC your company provides you in your workplace. Especially if your home PC is connected to your company’s network. So even though you can eat fish at your desk without your coworkers complaining, cybersecurity should be taken just as seriously. And because you own this endpoint, you have the responsibility to security harden it. So here are my tips for you. Only you should access your home endpoint As I said, when your home PC connects to your company’s network, it becomes one of the network’s various endpoints. Chances are you’re authorized to access some data resources on the network that a cyber attack would love to have. Financial data, internal documents and memos, internal applications, logs, and likely other sorts of sensitive data as well. And even if you’re not an administrator, an attacker may want to access your user account and perform privilege escalation attacks until they’ve acquired admin access. But they can’t privilege escalate if they don’t have access to your user account in the first place. Put a strong password in your user account in your operating system, whether it’s Windows 10, macOS, or even if you’re a desktop Linux-using weirdo like me. It should have more than ten characters, with upper and lowercase letters numbers, and special characters. Don’t make your password “Tabby” because that’s your cat’s name and only you and your family have physical access to your PC. Assume that an attacker could acquire remote access to your PC through the internet. But a cyber attacker is unlikely to physically enter your home. So if you have to write your operating system password on a Post-it Note in order to make it really complex and still be able to use it, so be it. If your spou |
| Envoyé | Oui |
| Condensat | able about acceptably access accessed accessing account accountants accounts acquire acquired acquires activity actually admin administrator administrators advice advise after against agents all also always amazon anomalous another antivirus any anymore app apple application applications are aren’t around ask assume attack attacker attackers attacks attention attractive authenticate authentication authenticator authorized automatically available back bad bank bank’s banking be your because become becomes been before being benefit best bet better between biological blog blogger breach breached breaches browser browsers built but buy cache call can can’t care case casserole cat’s center certainly chances characters checks children choose clean clerical client collar come common company company’s complaining complex computer computing configure connect connected connection connects consoles constantly consumers content continuous control cookies could coworkers create credential credentials cryptocurrency cyber cybersecurity damage dark data database date day days decision dedicated default defender department designers desk desktop desktops developers device devices different disabled discovering distributions documentation documents dog don’t done down drive due each easily eat ebay else emailing employees’ employer’s encrypt encryption endpoint endpoints enforced enjoy enjoying enter entry escalate escalation especially even events ever every everyday everywhere exceptions facebook factor family files finally financial find firmware first fish five folders following forks form forth fridge from frustrated game generated get getting good google guest had hand hands happen happening hard harden has have help helps here here’s home homes how i’m i’ve identity important including independent indication information informed ing instagram install installed installs instead internal international internet investigating it’s its jobs just keep keeping key kid kids laptops latest lawyers learn least leave leaving leftovers letters like likelihood likely limit limiting linux living lockscreen logged logs long lot lots love lowercase lunch lunchtime mac macbook macos main major make making maliciously malware man management manager managers many master may maybe media memos messages middle millions mobile models money more most move much must mutitude name need network network’s networking never new nice niche not note nothing now numbers office often old older once one online only operating operations option order other others otherwise own owns paid panel particular party password passwords pasta patch patches patching patrol paw pay people perfect perform pets phone phones physical physically place platforms playing plug policy popular post practitioners pretty prevent privilege probably protection provide provides put pyjamas randomly rather really reason receive recent recommend reduce regardless relaxing remember remote research resent resources responsbility responsibility responsible restrict risk roles routed router said same save scans second secure secured securing security sell sending sensitive sent separate seriously servers service services set settings shift should show shower simple skype slack sms social software solution some something sort sorts special specific specifically spend spouse spread start started states stays steal stock stop stored streaming strong strongest strongly stuffing such super support supports sure system systems tablets take taken target task tasks tech ten text than that’s them there’s these they’ve thing things think third those though through time tips traders traffic try twice twitter two type ubuntu ubuntu’s unique united unlikely until updated updates upper upside use used user username usernames using utilities various very victim video viruses vpn vulnerabilities walking want wash watching way we’ve web weirdo welcome well what whatever when wherever whether which white |
| Tags | Malware Patching |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.