Let’s talk about working from home and some dangers that come with remote working and weakened security controls.When I think about working from home I think about the three big categories that could endanger me during work from home.
I’m in a bare-knuckle fight with any other device on the home office. While I might have corporate security on my bring your own device laptop or my corporate laptop, others in my home office might not be so lucky. So think about others in your home office; maybe your grandparents, maybe your parents, maybe your children’s computers, maybe any internet of things devices, smart fridges, smart freezers,really smart anything.
Cyber Hygiene Issues During Work From Home
Now many of these other devices might have some cyber hygiene issues; might be using BitTorrent, might be downloading some shady tools,visiting some weird websites, might be using the Onion Router. They just have an overall lower level of hygiene than your device. So when you’re in this bare knuckle fight with the other devices on the same connectivity level it means anything on their devices might be able to spread laterally to your We’ve seen so many attacks so many malware these days that can move from A to B.
That can move from one computer to another. Quite recently the Emotet botnet has managed to move over wireless routers and jump from wireless to wireless. So the first thing to be aware of there might be somebody on your network on your home network that might be infected or might be at higher risk and that could swam-pover to your The second thing I start to think about is the laxer security controls that your device might have in place now now this means that your device is working from home you sit in your home office so you might not benefit from all the next-generation.
Corporate security that you have when you’re working from the office things like next-generation firewalls,data loss prevention, vulnerability scanning, can they still scan your computer and look for big What about corporate patching, automated updates being pushed out. So the second big thing to keep in mind is that there might be more responsibility on your part because some of a corporate security can’t quite cover your device being worked from The third thing I’d like to think about is the IT perspective here, that’s not just you but your IT team.
So your IT team is probably busy running around fixing things right now trying to set up new VPNs trying to make everything work from home so that you guys just can work. So when you think about this perspective what does this mean for them? There’s a huge influx most likely of devices coming into the corporate network over VPN over other solutions and that also means they have to do some adjustments maybe the VPN profile aren’t as tightly secured and as tightly nitas there should be because keeping the lights up keeping people working from home right now is more important than having everything perfectly secured.
Your IT team is probably having lexer rules in place for normally maybe even some laxer firewall rules that also means that there’s more noise on the network.If I’m an attacker I want to hide in the noise. Now is a great time for me to just go in, there’s so many devices streaming to the corporate network to just hide in the noise in the general noise level.
So what you should keep in mind is probably that you might bea bigger target now because now’s a good time to compromise private devices, home devices, home environments because they are a nice initial entry point into corporate So these are the three things you should really keep in mind: During work from home
- (a) that working from home means you’re in a bare knuckle fight with other devices,
- (b) that your corporate security might not be as tight right now as it could be because you’re at home and some of the corporate security measures don’t apply now and
- (c) that your IT team There’s so much noise streaming in and all those security controls might be a bit laxer than they normally should be should be