One of the hot topics in the world right now is the newly spread tendency of working from home. Ever since the start of the pandemic, companies all over the world pushed to continue work without interruptions. But the importance of security looms over more than ever, with an immediate danger for phishing attacks and other threats that could put a whole company, business, and even clients at risk.
So how can we stay protected? Listen to one of Scalefocus’ Security Architects, Vladimir Atanasov, who spoke in detail on the topic last night on Blog Talk Live, with host Ravi Das.
Below, you can find a short recap of the information Vladimir covered, including how to achieve WFH readiness and how companies cannot diminish security in favor of functionality. Download the whole podcast to hear detailed advice and the entire account on the topic from an expert in the field.
Depending On the Scale
After the COVID-19 pandemic hit, most companies had to adapt to working from home pretty much at the drop of a hat. So this begs the question: how can a company achieve full work from home capacity quickly and be secured at the same time? Vladimir gave perspective on this by going into detail about the dependency on the readiness on the size of the company - bigger companies usually already have the policies and systems in place to adapt more quickly. With smaller companies, the tendency is to use most resources online and have their work more exposed, so this could lead to the need for protection, depending on the workload.
To go remote securely, companies need infrastructure and adaptivity - because even if mostly nothing changes from a functional point of view, some things do change.
Namely, companies become more exposed to additional security risks, and the number of targets is more significant - because everybody is at home.
Vladi talked more about the options for the different sized companies and gave practical advice for:
Creating guidelines and implementing them quickly
Finding ways not to be exposed by hiring professionals to integrate security measures
Assess the risks quickly and list the needed measures
Challenges & Weaknesses
Another hot topic for discussion on the podcast was the challenges with the current situation and the security risks connected directly to it. Vladimir shared his expert outlook and went into detail on the security threats at the moment:
- The rise in the phishing challenges - attackers strike when there is weakness, and with the world overtaken by fear and curiosity, the chances of disruption are larger
- A greater need for email security and security awareness training and the creation of guidelines
- Monitoring of whether the employees follow instructions where applicable
- Considering working on the cloud, to provide quicker security when working from home
Security Measures & Monitoring
On the subject of monitoring and security updates, Vladimir spoke about the importance of procedures, including GDPR guidelines. He also gave details about why businesses should always keep in mind that the employees are operating at home with the same data they are operating at the office. The company information should be safe and some measures can be implemented - here are some (but not all) mentioned in the podcast:
Introducing more authentication that does not compromise the functionality
Changes for the usage of sensitive data (you can hear detailed ideas in the podcast)
Consider adding more security to the infrastructure of different projects; it will be better in the long run
Make a decision and assessment as to where to accept risks at the expense of functionality
Look at the whole picture and see where the compromise could cost you losses
Achieving Continuous Security in Home
Phishing and other specific risks were discussed at length in the episode, including the dangers for some of the industries that depend on the security an IT company can provide for their project. Vladi gave concrete examples of the dangers some clients experience and how a company can make sure their client is fully protected. His advice included detailed accounts of:
Focusing on the right things (balancing the focus between working remotely and striving to get ahead of the trends of the cyber attacks)
Keeping the security tight while keeping the business alive
Concrete measures, including keeping software up-to-date, thinking of new ways to update (it is not always a good idea for it to happen automatically), and trusting in the advice of the security experts
Securing your home network by cooperating with your employer
Follow the employer’s security practices (if there are such) as well as finding a way to create such practices as an employer
Look into additional firewalls to the servers Listen or download the podcast to hear the full advice of Vladimir and learn why security is now more critical than ever.
Stay tuned for more podcasts on the hot IT topics of the time we live in.