One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 2741264 |
| Date de publication | 2021-05-05 10:00:00 (vue: 2021-05-05 10:05:45) |
| Titre | 5 IT security strategies that you should think about as employees return to the office |
| Texte | This blog was written by an independent guest blogger. Without a doubt, digital transformation accelerated amid the pandemic and made it possible for employees to work remotely. However, it also intensified the threat landscape created by malicious attackers who jumped on the first opportunity to attack the more vulnerable home networks. As remote working becomes the new norm, it is paramount to have an agile infrastructure and team for security. Companies need to manage and orchestrate appropriate remediation activities carefully. Focus on providing awareness training Industry research has shown a 300% increase in the rate of cyber-crimes since the pandemic began, as malicious attackers leverage the opportunity to attack vulnerable home networks to access sensitive data. Security awareness is the most important thing to teach your employees when moving towards a secure organizational culture. Security awareness training can help everyone get on the same page and understand the depth of the threats to reduce risks and incidents. Awareness is also critical because it can help employees prepare for unforeseen situations and equip them with security knowledge to know what measures to take in case of a problem. On top of general awareness for your employees, remember to facilitate your IT team and developers with application security awareness. This is especially important because as threats and malicious attackers find innovative ways to crack vulnerabilities, your IT team should be equipped to find solutions to new attacks. You can grow your security culture with these teachable moments: Have a conference with your IT department where all employees are given security training For workers working remotely, a security guide should be sent out to them detailing all security attacks, protocols, and preventions to follow Teaching advanced lessons to employees in the R&D department to build secure products and services. Make your employee payment system safer Creating invoices for sales and payment can be time-consuming, not to mention the number of security risks that come with sending payment invoices over emails. Emails go through several networks, including DNS servers, mail servers, and routers, before reaching the intended recipient. Along this route, cybercriminals are patiently waiting to intercept the email, looking for vulnerabilities and private information that they use to commit fraud. Since these emails include personal information such as your bank account number and contact number, it makes your emails highly vulnerable to malicious attacks. You can have all the updated technology and an advanced security team. Still, even if you send out one unencrypted email with an attached invoice, you run the threat of being exposed to cybercriminals. Opt for invoicing software apps such as those with PCI-DSS certification, meaning that all financial data will be kept secure using encryption for both your business and your employees. Implement multi factor authentication Multi factor authentication means adding an extra layer of security that involves asking more than just basic information required in single-factor authentication. It usually consists of a combination of information known only by the user, such as a security question, pin code, or an alternate email. Research |
| Envoyé | Oui |
| Condensat | “prices 300 about accelerated access according account accounts activities adding additional additionally adopt adopted advanced affordable against agile all allow almost along also alternate amid application appropriate apps are asking attached attack attackers attacks attitude authentication authenticity available aware awareness bank based basic because become becomes been before began being better blog blogger both breaches build built business businesses but can canada cannot capital carefully case certification changed changes changing cheap click clock cloud code collaboration combination come commit companies company company's compromised conclusion conference confidential confirm connections consists consuming contact contracts correct could crack create created creating crimes criminals critical culture cyber cybercriminals cybersecurity data deleted department departments depending deploy depth detailing developers devices different differently digital dns doubt dss during elements email emails embarking employee employees encoded encrypt encrypted encryption enforce ensure enters environment equip equipment equipped errors especially essential establish even ever everyone expert exposed extended extra facilitate fact factor factory financial find first fixed focus follow fraud from function future general generally generated get given going grow guest guide happen hardware has have help higher highly home however implement important incidents include including increase independent industry information infrastructure initial innovative intended intensified intercept intervals investment invoice invoices invoicing involves jumped just kept key keys know knowledge known landscape last latter layer leakages lessons leverage like lined login long looking lower ludovic made mail make makes malicious manage may meaning means measures mention mfa minimize moments: more moreover most moving much multi need needs networks never new norm not now number off office officials often once one online only operate operations opportunity opt orchestrate organization's organizational organizations out over overnight page pandemic paramount partial password patiently payment pci period periodically personal physical pin plan platforms possible prefer preferable prepare pressure prevent preventions prioritizes privacy private problem process productive products professionals proper protect protected protocols provide providing puts question r&d random rate reaching recipient reduce rembert remediation remember remote remotely required research resources return risks route routers rsa run safeguard safely safer sales same savvy says scene secure securely security seems send sending sends sensitive sent servers services several sharing shifted should shown shows significantly since single site situations software solutions some storage strategies strict stringent such suits susceptible system take taken teach teachable teaching team technology than them there's these thing think those threat threats through time token top toronto towards training transformation two uncertain uncertainties understand unencrypted unforeseen updated upgrades use user using usually utilize verification vpn vpns vulnerabilities vulnerability vulnerable waiting way ways what when where who will without work workers working written year your |
| Tags | Vulnerability Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.