Top

How Secure is Working from Home?

Coronavirus (COVID-19) continues to escalate and is increasingly wreaking havoc on daily life. Where China and South Korea are starting to get back to normalcy. Regions like Europe, India and the USA are being progressively locked-down.

The main precaution that is required to flatten the infected rate curve is to implement social distancing techniques. This essentially requires people to remain isolated from others as much as possible, and for those that can, this means working from home (WFH).

For several years, the ability to use smart devices and the widespread availability of broadband and Wi-Fi has made it easy for many to carry out regular tasks from home or points of Wi-Fi presence such as coffee shops. Progressive enterprises have adopted the potential for workers to access enterprise networks remotely – whether on an occasional or even permanent basis. However, many organisations have not taken this step, rightly concerned about the sensitivity and security of enterprise data.

In the midst of the coronavirus lockdown, many companies are rushing to implement WFH policies. Having many employees suddenly working remotely is a major challenge for an organization and presents numerous cybersecurity issues.

Threats to WFH: 

  • Unsecured Wi-Fi networks: Most workers will be using local Internet providers’ routers – many of which are secured neither at the hardware nor at the network level. Every time an employee connects to their corporate network from an unsecured Wi-Fi network, they’re creating possible access points for cybercriminals to exploit.
  • Device security: As WFH has not been a conventional working culture in many organizations, most employees will have to use their own devices. These personal devices lack security tools, antivirus software and customized firewalls, which can increase the risk of malware and ransomware injection both on personal devices and corporate servers/cloud.
  • A rapid increase in cybercriminal activity: The world’s priority is now focusing on personal safety and maintaining continuous business operations where possible. Consequently, attention on maximising cybersecurity can become a second-order priority. WFH leads to opening new attack vectors. Cybercriminals are leveraging the global panic and are increasing cyber scams and hacking attempts:
    • COVID-19 that is ransomware: An app that promises Android users can track coronavirus live cases and get alerts when someone nearby is diagnosed with the virus is tempting information. However, after installation a ransom note pops up on the screen “YOUR DEVICE IS ENCRYPTED: YOU HAVE 48 HOURS TO PAY 100$ in BITCOIN OR EVERYTHING WILL BE ERASED.”
    • COVID-19 map infected with ransomware: Cybercriminals are selling COVID-19 live interactive map as part of a Java-based malware deployment. The kit costs $200 to $700 (depending on the signing certificate). The user will likely share it with friends and family transmitting the ransomware.
    • Phishing attacks with coronavirus awareness: Cybercriminals keep track of the latest news to exploit it through phishing attacks. In the COVID-19 pandemic, a phishing attack was conducted on medical professionals. A link was sent through an email to join a mandatory seminar which was used to phish or capture the username and password of those working in hospitals.

Cybercriminals are on alert for vulnerable users, if they can target medical professionals, they will target anyone. There are no new lows that cybercriminals won’t stoop to.

 Solutions and Precautionary measures: 

  • Two-factor authentication (2FA) and two-step verification (2SV): A strong password is not enough. Additional steps need to be used to provide an extra layer of security. This could be an email or text message confirmation, a biometric method such as facial recognition or a fingerprint scan, or something physical, such as a USB fob.
  • Virtual Private Network (VPN): VPNs are sometimes used to bypass geographic restrictions on streaming sites and other location-specific content. They can also be used to improve online security as its unreadable to intercepts.
  • Anti-virus Software and firewalls: In addition to enabling built-in firewalls in internet routers and within devices’ own operating system, additional anti-virus software and third-party firewalls offer extra layers of security.
  • Secure Home router: Ideally, home owners should use a router with embedded hardware security. But even changing the default password can be a good first step, followed by enabling encryption to WPA2 or WPA3.
  • Update and Patches: regularly update operating systems, anti-virus, and other software. These updates often include patches for vulnerabilities that have been uncovered.
  • Data Backup: Ideally, hardware backups will be the solution. However, opting for cloud back up services can also work.

The WFH demands a more diligent and disciplined working culture from both employers and employees. Thinking twice before opening suspicious emails, regular system scanning when off duty and keeping an alert attitude can help this transition.

Protecting data is the priority for every organization and adding strong security may be able to thwart most attacks. But securing every vulnerability fully is almost impossible.

As cyber-crime is also a business, criminals will always take the line of least resistance, applying multiple security layers will make it more time consuming and costly for hackers meaning they’re more likely to move on to those that are less well protected.

Counterpoint research is a young and fast growing research firm covering analysis of the tech industry. Coverage areas are connected devices, digital consumer goods, software & applications and other adjacent topics. We provide syndicated research reports as well as tailored. Our seminars and workshops for companies and institutions are popular and available on demand. Consulting and customized work on the above topics is provided for high precision projects.

Apple Snack Pack

PREMIUM

Understanding iPhone

Term of Use and Privacy Policy

Counterpoint Technology Market Research Limited

Registration

In order to access Counterpoint Technology Market Research Limited (Company or We hereafter) Web sites, you may be asked to complete a registration form. You are required to provide contact information which is used to enhance the user experience and determine whether you are a paid subscriber or not.
Personal Information When you register on we ask you for personal information. We use this information to provide you with the best advice and highest-quality service as well as with offers that we think are relevant to you. We may also contact you regarding a Web site problem or other customer service-related issues. We do not sell, share or rent personal information about you collected on Company Web sites.

How to unsubscribe and Termination

You may request to terminate your account or unsubscribe to any email subscriptions or mailing lists at any time. In accessing and using this Website, User agrees to comply with all applicable laws and agrees not to take any action that would compromise the security or viability of this Website. The Company may terminate User’s access to this Website at any time for any reason. The terms hereunder regarding Accuracy of Information and Third Party Rights shall survive termination.

Website Content and Copyright

This Website is the property of Counterpoint and is protected by international copyright law and conventions. We grant users the right to access and use the Website, so long as such use is for internal information purposes, and User does not alter, copy, disseminate, redistribute or republish any content or feature of this Website. User acknowledges that access to and use of this Website is subject to these TERMS OF USE and any expanded access or use must be approved in writing by the Company.
– Passwords are for user’s individual use
– Passwords may not be shared with others
– Users may not store documents in shared folders.
– Users may not redistribute documents to non-users unless otherwise stated in their contract terms.

Changes or Updates to the Website

The Company reserves the right to change, update or discontinue any aspect of this Website at any time without notice. Your continued use of the Website after any such change constitutes your agreement to these TERMS OF USE, as modified.
Accuracy of Information: While the information contained on this Website has been obtained from sources believed to be reliable, We disclaims all warranties as to the accuracy, completeness or adequacy of such information. User assumes sole responsibility for the use it makes of this Website to achieve his/her intended results.

Third Party Links: This Website may contain links to other third party websites, which are provided as additional resources for the convenience of Users. We do not endorse, sponsor or accept any responsibility for these third party websites, User agrees to direct any concerns relating to these third party websites to the relevant website administrator.

Cookies and Tracking

We may monitor how you use our Web sites. It is used solely for purposes of enabling us to provide you with a personalized Web site experience.
This data may also be used in the aggregate, to identify appropriate product offerings and subscription plans.
Cookies may be set in order to identify you and determine your access privileges. Cookies are simply identifiers. You have the ability to delete cookie files from your hard disk drive.