One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1873241 |
| Date de publication | 2020-08-20 18:09:00 (vue: 2020-08-20 23:05:23) |
| Titre | Work from home cybersecurity explained: should your business have a WFH policy? |
| Texte | Global organizations are sharpening their strategies that enable their employees to work from virtually any location at any time. But working in different types of remote settings brings with it the potential for significant cybersecurity threats that must be anticipated, defended against, and quickly remediated. Working outside the traditional office setting has accelerated during the past decade. Organizations have stepped up their network transformation efforts to align with such trends as telecommuting, working while traveling, and the rapid adoption of web-based applications. But now, these “work outside the office” trends have moved into hyperdrive. Businesses are under intensified pressure to develop new, efficient, flexible, and safer ways for employees to work from virtually anywhere. But with the growing trend toward remote work comes a looming challenge: Organizations are struggling to offer their employees, customers, and partners highly secure access to vital applications and essential data. Work from home security challenges Along with remote access challenges, another major problem is becoming increasingly clear. Although malware, phishing, social engineering, and ransomware are all well-known threats, new campaigns are becoming more targeted and are expanding to include attacks on many types of devices. To add to the complexity, most devices, whether corporate-issued or personally owned, are being used off network, which often means a loss of visibility and control, and subsequently an increased risk for breach. When corporate assets, networks applications, and cloud services are being accessed by under-secured or unmanaged endpoints, the cybersecurity threat vector created by the work-from-home phenomenon broadens. The trend toward remote work that began in earnest during a time when ample network bandwidth, inexpensive endpoint computing devices, and highly functional remote access tools became commonplace is likely to accelerate. It is also probable that cybersecurity threats that target applications, devices, and networks will surge in remote access settings. Without new strategies and tools, organizations are likely to fall victim to a higher number of cybersecurity breaches, which could take longer to detect and be costlier and more complex to recover from. Understanding WFH cybersecurity risks for remote workers Over the years, IT organizations have put in place tools to help employees and other members of the virtual enterprise work remotely. The number of people working remotely has steadily increased, as has the total amount of work produced outside the traditional office setting. As a result, many virtual private networks (VPNs)—which were never designed to support so many simultaneous users—is straining under the surging demand. Another consideration is that the VPN was deployed with the expectation that employees and other remote users would likely be using corporate-issued devices and software, all with the proper and most recent security settings and privileges. Clearly, that no longer is the case, nor is it likely to be so in the future. At the same time, Security Operations Center (SOC) staff is overwhelmed, trying to triage substantially more alerts each day with an often-overworked staff and a tight budget. The pressure on SOC analysts and their cybersecurity tools is caused by the rapid expansion in the number and complexity of threats to remote users. These include everything from mobile malware and email-based phishing to ransomware, identity theft, and machine-learning-based hacking algorithms. Then, add in a stark reality: Many, many end users fail to practice good cybersecurity “hygiene” on everything from passwords to social engineering, particularly without the watchful gaze of on-site IT and security professionals to help and “encourage” those remote workers. Secure remote access challenges With far mor |
| Envoyé | Oui |
| Condensat | “bolted “new “work —which accelerate accelerated access accessed accessing act acting actors add adding additional adoption after against alerts algorithms align all along also alternative although amount ample analysts another anticipated any anywhere application applications are arrangements assets at&t attacks attempting avoid back backdrop bad bandwidth based became become becoming began being bolster bottlenecks breach breaches breed bring brings broadens budget business businesses but campaigns can capacity case caused center centers centric challenge: challenges check circuits clear clearly cloud come comes coming commonplace compelling complex complexity comprehensive compromised computing concentrator connection connections consideration considering contractors control corporate costlier could created creates crucial customers cyber cybersecurity data day decade decisions defended deliver demand demanding departmental deployed deployment designed detect develop devices different drawback during each earnest ecosystem—data edge educating efficient efforts email employees enable end endpoint endpoints engineering enterprise entire era especially essential establishing even everything expanding expansion expectation explained: exposing fact fail fall far fast flexibility flexible following frictionless from functional functionality future gain gaps gateways gaze geography global good granular growing hacking has have headquarters help helps higher highly holistically home how however hyperdrive identity important include increased increases increasing increasingly individual industry inexpensive instantaneous integrate intensified internet invest issued issues: it’s jobs known lack learn learning legacy likely location longer look looming loss machine major make malware management many massive may means media members mitigate mobile model more most mounting moved must need network networks never new nor normal” now number numerous off offer office office” often on” one onsite operations order organizations other out outside over overcoming overloaded overwhelmed overworked own owned particularly partners passwords past people performance permissions personally phenomenon phishing physical place point points policies policy potential practice pressure prevent private privileges probable problem problems processes produced product products professionals promote proper protected protection provide providing public put quickly ransomware rapid rather readiness reality: realization reasons recent recover regardless remediated remote remotely requires result rethink rich risk risks safer same scalability scale secure secured security segment segmentation sending services sessions set setting settings sharpening should significant simple simultaneous site smart soc social software solution solutions some sometimes specifically staff stark start steadily stepped straining strategic strategies struggling subsequently substantially such support supports surge surging swaths systems tactics take target targeted technical telecommuting than theft them then these think those threat threats thus tight time too tools total toward traditional training transformation traps traveling trend trends triage trying types under understanding unify unmanaged unsecured unstructured upon use used users users—is using usually utilize vector vectors victim view virtual virtually visibility vital vpn vpns vulnerabilities watchful ways web weight well wfh what when whether which why wider will without work workers workforce workforces working would years your |
| Tags | Ransomware Malware Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.