Security gaps in the home office? The challenge of IT security in times of crisis
The number of coronavirus infections is increasing each day, which has resulted in drastic countermeasures. Shops, restaurants and other public places are staying closed to prevent the spread of the virus. Companies are asking their employees to work from their homes. During this extraordinary and sometimes overwhelming situation, companies and employees should not have to face additional fears about IT security in the home office. Hornetsecurity has some recommendations for this.
The progress of digitalization and the development of new technologies has already brought many changes for the economy worldwide. Cloud computing, big data, robotics and artificial intelligence offer companies advantages such as process optimization, the ability to save resources and rapid data and information exchange. New companies and jobs have been created on the basis of these developments. In addition, many employees can now perform their tasks regardless of location while continuing to communicate with their colleagues and employer. As a result, companies often make it possible for their employees to work from home.
Microsoft Office 365 is regarded as a major driver of collaborative work via the cloud. Important files can be stored and exchanged from anywhere in real time. This makes working from home even easier. In times of crisis such as this, having employees work from home is often the only way for companies to ensure the safety of their workforce while maintaining business operations. Both employers and employees are faced with major challenges by this change. The most frequently asked questions revolve around the topic of IT security:
- How can the corporate IT infrastructure be protected when employees work from the home?
- Do companies and employees have to take specific measures?
- Are protective mechanisms such as spam and virus filters also active in the home office?
Following are some tips regarding security precautions that could be utilized in the home office to ensure the protection of internal company data. We also discuss the special security measures for Office 365, since users of the Microsoft Cloud Service are increasingly targeted by hackers and how cybercriminals are taking advantage of the fear of the spread of COVID-19 and distributing phishing emails and fake websites in order to obtain passwords, user names and email addresses.
According to the security experts at Hornetsecurity, the following precautions should be taken and considered in the home office:
- Use of a VPN service so that employees can establish a secure connection to the company network (perimeter security)
- Install the latest updates for operating systems and apps
- Restrict the access rights of people connecting to the corporate network
- All corporate devices, including smartphones and laptops, should be protected by appropriate security software. Ideally this will include data erasure functions for devices reported as lost or stolen, separation of personal and professional data, and restrictions on the installation of apps
- Staff training to inform about dangers that may be associated with unsolicited messages
- Office 365 users are targeted by cyber criminals, especially in such times of crisis. Security experts therefore recommend not relying solely on Microsoft’s protective mechanisms, but to additionally secure Office 365 accounts with third-party solutions. (Read more)
Hackers use the crisis to launch targeted cyber attacks:
Since the beginning of February, the Hornetsecurity Security Lab has been monitoring various phishing email campaigns aimed at tapping email addresses and passwords or smuggling malware into the systems of the recipients through links and attached documents. The malware can be ransomware or spy software, for example. You can read more about the hackers’ methods here.
To get a visual overview of the worldwide spread of the coronavirus, people are accessing the interactive “coronavirus map” created by John Hopkins University. For the past few days , however, a fake version of the website has been circulating on the internet that will install malware on users’ computers.
The IT security experts at Hornetsecurity assume that the coronavirus scams will continue to increase in the near future. We expect, for example, fake emails from health authorities and similar governmental institutions or phishing emails from alleged charity organizations asking for donations for hospitals and emergency medical facilities.
We are aware that it is extremely important to communicate reliably and securely, especially in times of crisis. We would therefore like to take this opportunity to inform our customers that, despite the current exceptional situation, our services will continue to ensure the comprehensive security of their email communication.
If you have any further questions, our staff will of course be happy to answer them at any time.
