How safe is WFH? Top 5 cyber security risks that come with remote working. Part-1.

Curated by: Aplomb Cloud, UK.

Date: July 7, 2020 | 2 minutes read | Part-2 here

As the battle against COVID-19 rages on, cyber-criminals have been operating under the cover of the pandemic to launch a variety of cyber-attacks. Their favourites range from phishing attacks, fake apps and maps to trojans, backdoors, crypto miners, botnets and ransomware attacks. It's clear that attackers will exploit and target the most vulnerable organisations and members of our society to make some quick personal gains, and that’s putting it mildly.

With digital-criminals leaving an increasingly wide trail of destruction, here’s our list of the top five security risks that every organisation should act against now.

1. Not having a unified VPN and Multi-Factor Authentication (MFA) solution

Is your current IT network and infrastructure up to scratch?

Virtual Private Networks (or “VPNs”), have become a lifeline for many businesses, extending encrypted networks to our homes and providing a sense of security across commercial outfits. They may be popular, but businesses now need to ask how they can tackle problems that arise due to the fact that many home networks are already infected with malware or compromised hardware that can be exploited for staging cyber-attacks. A compromised identity or device can allow hackers to piggyback through the VPN, whilst the introduction of new productivity-enhancing applications, means opening the door to more unknown vulnerabilities.

So what’s the solution? A simple but effective action that many companies can take right now is to combine the strengths of their VPN with Multi-Factor Authentication (MFA). This should be extended to include Active Directory and move towards an all-encompassing single sign-on (SSO) across the company. This will make it harder for the exploits to occur and mitigate most security risks to networks that weren’t designed to cater for the post-COVID world.

If you’ve faced any of these issues, need help to find out the current state of your IT network, or want guidance on how to help integrate clunky and unconnected systems in your IT environment, we can help. From developing a comprehensive IT and security roadmap to consulting on the rollout of company-wide solutions, drop us an email at info@aplombcloud.co.uk and we’d be happy to help.

2. Responding to a rise in the frequency and intensity of ransomware and phishing attacks

Do you remember the recent celebrity Twitter hacks?

On 15th July 2020, the Twitter accounts of Elon Musk, Bill Gates and other high-profile individuals were breached with a number of suspect messages being posted to their timelines. Imagine if something similar happened within your organisation, where attackers could solicit payments on your company’s behalf. Not only could you lose your customers’ trust but will have to deal with a deluge of legal implications.

Unfortunately, these are not isolated incidents. Based on VMware Carbon Black analytics,there’s been a 148% month-on-month increase of ransomware attacks from February to March 2020 , and this has just been during the beginning of what looks to be a global wave of WFH adoption.

As mentioned in the above paragraphs, a VPN combined with MFA is a strong deterrent against the automatic takeover of business-critical systems. What’s more, making sure that your employees are trained to detect and respond to online scams can make a big difference to the effectiveness of your cyber security policy. With most phishing leaks originating in the accounting and HR departments, it couldn’t be more important to have effective IT and training policies. Just remember that whilst your employees can be the strongest link in your chain, they can easily become the weakest and training them properly could help you to avoid disaster.

Whilst training can help, the best solution, is to expect (and be prepared for) the worst by putting an automatic back-up and disaster recovery in place. You cannot escape from a cyber attack, but if and when your company’s IT systems come under siege you’ll be ready with a response. With Hybrid and Multi Cloud solutions, you probably won’t even notice a glitch with your systems. These solutions are not hard to implement and they won’t cost the earth.

Talk to us today to find out how Aplomb Cloud could help your business to prepare for the worst. For more information, get in touch by emailing info@aplombcloud.co.uk.