One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1694220 |
| Date de publication | 2020-05-06 12:00:00 (vue: 2020-05-06 13:01:41) |
| Titre | Balancing security and flexibility with a remote workforce |
| Texte |
This blog was written by an independent guest blogger.
According to the Pew Research Center, last year, roughly seven percent of U.S. workers regularly enjoyed the option of working from home. Well accustomed to the nature of remote work, these individuals were equipped with stable internet connections, collaboration and communication tools, and security technologies that helped them excel from their home offices.
As concerns regarding the spread of COVID-19 grew, , nations around the world opted to enforce social distancing guidelines to prevent the infectious disease from spreading. In response, companies of all sizes have been forced to embrace remote work without much time to plan ahead. Some businesses have shifted to as much as one hundred percent of their employees working from home.
As all parties involved adjust to this new way of working, critical concerns regarding the security of data and systems have surfaced and must be addressed to prevent cyber breaches. Here are five tips every enterprise should consider for better security of remote workers:
Ensure your information security policy covers remote work use cases
In companies unaccustomed to remote work, information security policies tend to be written under the assumption that employees are on site. This has led to gaps in guidance on how workers should maintain the security of data and applications while working remotely. The sudden shift to home office setups requires that policies and procedures be established or updated to account for this new reality. Examples of relevant remote security policy components include, but are not limited to, mobile device management, access control, acceptable use, and more. For example, a Mobile Device Management (MDM) policy should describe the controls required to secure, monitor, and manage mobile devices used by employees. An access control policy is another common policy that already exists in most companies; however, it may not have been written with remote work in mind. This policy should include guidance on granting, monitoring, and terminating remote access for employees and third parties.
Photo by Dan Nelson on Unsplash
Address security risks associated with employees working on personal devices
Some employees are now required to use personal devices to access sensitive information for work-related tasks. This increases the risk of potential data loss or leakage, and also makes it challenging to maintain visibility into employee actions. Defining a Bring Your Own Device (BYOD) strategy is an essential step in enhancing company security when employees may begin using their personal devices for business purposes. The policy should include guidelines on the minimum required device security controls, acceptable use cases, prohibited actions, and information on any company-sanctioned security tools that can be used to conduct business securely. It’s also important to discuss any employee rights or privacy implications when managing personal user devices that are connected to the corporate network. Lastly, the strategy should include plans for addressing lost or stolen personal devices that may have included sensitive company information.
Get a handle on growing third party risks
A |
| Envoyé | Oui |
| Condensat | 200 2019 2020 able about abusing acceptable access accessed according account accustomed act action actions activities activity: address addressed addressing adds adjust adoption advanced advantage adware ahead all allow allowing already also amidst another antivirus any application applications applies approaches approve are around assist associated associates assumption attackers authentication avoid avoiding back balancing basic become been begin benefits better biometrics block blog blogger both breaches bring business businesses but by dan byod calls campaigns can capabilities cases center challenge challenging cloud collaboration commission common communication communications companies companies; company components compromised computing concerns conduct configured configuring connected connections consider consumers contact contingency control controls conversations coronavirus corporate course covers covid created credentials critical customer cyber cybercriminals cybersecurity daily data data: date: an dealing december default defining dependent deploying describe design despite detect developers device devices difficult disclosure discuss disease disruptions distancing distributed downloading educate effectively email embrace employee employees encourage encryption endpoints enforce enhance enhanced enhancing enjoyed ensure enterprise enterprise’s enterprises environment equip equipped essential established event every everything example examples excel exists exploit expose exposing external factor family fcc fears features federal firewalls five flaws flexibility fluid forced fortunately fraudulent from fundamental gained gaps genuine get good granting grew growing guest guidance guidelines hackers handle has have help helped helping here highly hijack home home: how however hundred hygiene ill immense implement implications important incident include included includes increases independent individuals infectious information informed insecure insiders instance instantly internet invest involved involves issued it’s its keep knowledge lack last lastly latest layers lead leakage leaving led leverage leveraged like limited locations loss lost lure made maintain makes making malware manage management managing many march may mdm means meeting members message method mfa microsoft million mind minimum mitigate mobile monitor monitoring more most much multi must nations nature navigate nelson on unsplash network networks never new not now number numerous occasions’ offering offers office offices often one online only operate operating operations opportunistic opted option options organization organizations other outside own pandemic participants parties party passwords people percent perimeters personal pew phone photo physical plan plans policies policy popularity portal possible potential power practical practice prepared prevent prevention preying privacy private procedures productivity products profitable program prohibited protecting provide provider public purposes quickly real reality recovery reduce regarding regularly related relevant reliable remain remote remotely reports reputable required requires research reset resources respond response restricting review rights ripe rise risk risks robocalls robust roughly routers rule same sanctioned scam scams scams: secure securely securing security sensitive set setups seven several shared shift shifted should significant site situations sizes skype slack soaring social software solutions solutions: some sources spread spreading stable stay steal step stolen storage strategies strategy strong such sudden support supporting surfaced synergy system—even systems taking target tasks team teams technologies technology technology: telecommuting: telephone tend terminating text them themed themselves these third threats time tips today token tools two unaccustomed unauthorized uncertainties under underestimate understand unexpected unpatched unsanctioned unsecure updated upgrading urging usage use used user users using util |
| Tags | Malware Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.