No business is exempt
In a recent interview on the blog Safety Detectives, Markus Koelmans, VP of Engineering at DocuWare notes that prominent companies like T-Mobile and Capital One are also vulnerable to cyberattacks. “They are hugely successful businesses, yet both fell prey to hackers, which led to customer information being compromised,” he says.
Koelmans also points to the recent attack on Danish State Railways (DSB) which is the largest train operator in Denmark and Scandinavia. “The DSB network came to a screeching halt due to a cyberattack on a subcontractor that provides a critical app for train conductors,” he notes. “This is a valuable lesson to us all – we often focus so much on our own security but are remiss about checking the security practices of the businesses we subcontract with.”
Common work-from-home security risks
Hybrid work models represent a major challenge for IT security. Traditional security measures weren’t built to safeguard work-from-home employees (WFH). Here are some of today’s most common security risks.
1. Unsecured networks
While office networks have highly complex security measures, the situation is different in a home network. If it is unsecured or if a laptop connects to a public Wi-Fi network in a café, for example, without sufficient security measures, data is sent in an unencrypted format. This allows cybercriminals to access sensitive information and passwords with ease.
2. Phishing and ransomware
3. Bring your own device (BYOD)
How to protect your business against these security risks
Zero Trust meets Zero Touch: The combination of Zero Trust plus Zero Touch security may eventually augment or replace VPNs because it provides per session access to a specific function rather than access to the entire network. With Zero Trust, every login attempt is initially classified with a trust value of zero. Multiple authentication factors are required for a user to gain access to the corporate network. A continuous security risk assessment takes place in the background.