Categories: Featured

Top Remote Worker Cyber Risks and Solutions

The Institute of Information Technology Professionals South Africa (IITPSA), outlines safer online meeting and home network measures.

Home-based workers are at increased risk of a cyberattack, but there are several measures they can take to reduce risk.

This is according to Bryan Baxter, a corporate IT business development manager, and IITPSA KZN chapter committee member, who was addressing an IITPSA KZN Chapter webinar last week.

The webinar, focusing on cybersecurity and etiquette for remote work and meetings, outlines a significant shift in cyber risk facing companies and their employees.

“The abrupt move to remote working and cloud has driven many companies to try and do in a matter of months what others took years to achieve,” Baxter said. This move has strained IT resources and highlighted vulnerabilities in home IT environment, which cybercriminals were taking advantage of.

“Security and communication at home are typically not sufficient for corporate usage,” Baxter warned.

Reducing home worker cyber risk

Corporate data is at risk in home user environment due to common vulnerabilities in home networks, and the fact that many users were unaware that their personal information may already have been compromised, Baxter said.

Baxter said key risks among remote workforces included vulnerable endpoints, data leakage, password compromises, the use of shadow IT, a lack of corporate VPNs, and insecure meeting solutions.

“A layered defense approach is needed to protect users, data, networks, devices and technology,” he said. “IT professionals need to make users’ lives easier and they must make it easy for end-users to stay secure, or we will see the emergence of shadow IT and greater risk.”

He recommended a number of ways to mitigate risk in home user environment: “Enhance user awareness training, implement stronger two-factor authentication and keep personal and work systems separate. Corporates should ensure that they have classified their data and that sensitive data is adequately protected from employees working at home. Regularly backing up both work and private data is essential. Use a VPN to access important systems, and secure home routers and wireless devices. Updated endpoint protection such as anti-virus and host based firewalls are important.

These are now moving to more advanced threat protection such as ERD or endpoint detection, and response. This is important because standard AV does not pick up shell scripting compromises. Home systems must be patched and kept up to date, and ideally home users should create separate admin and user accounts on their home computers.

He also emphasized the need to change the default admin password on the home router; enable WAP2 encryption; and use a strong password for the home wireless network.

Selecting safer virtual meeting solutions

With a webinar participant poll revealing that 38% of participants most often use Microsoft Teams, 42% use Zoom, and 9% use Google Meet for video conferencing, Baxter noted that selecting the right solutions for enterprise use was crucial for security and data protection.

He highlighted cases in which meetings had been compromised and videos of meetings posted online. “If you’re going to have a board meeting or talk about your financial results, you need to think about the solution you’re using,” he said.

“Enterprises need to look first at the vendor – asking what is their support like, and can you trust them. Then consider the solution – asking how good is the product, how is it rated and how secure is it?” Considerations should include whether the solution was fit for purpose, its cost and the ease of integration and mobility options.

Factors that should be considered include whether the video conferencing solution offers full end to end encryption, where data is be stored and whether this data would remain private, if meetings could be password protected, the level of host control to mute, block and drop attendees, the visibility of attendees, and if information could be protected from unauthorized modification, access and disclosure.

Etiquette for online meetings

Baxter recommended several basic measures to improve security and effectiveness of online meetings: “Test the technology before the meeting; have a plan and agenda; appoint a moderator; only invite participants who need to be there; and lock the conference and put passwords on entry. Inform participants if you are recording the meeting and introduce everyone at the beginning. Participants should have a clean, work-appropriate background for the video call;  be aware of their audio and video settings; they should look into the camera and not at themselves while speaking; and they should eliminate distractions and focus on the agenda: be present, mute your mic when not speaking and don’t do other work during the meeting,” he said.  

The IITPSA KZN chapter webinar was one of a series of new webinars IITPSA is rolling out to enhance communication and knowledge sharing among members. The Institute of Information Technology Professionals South Africa (IITPSA) CEO Tony Parry noted that the Institute is also increasing the frequency of its new Tabling Tech webinars, designed to give in-depth insights into emerging technologies.

For more information visit www.iitpsa.org.za or https://www.iitpsa.org.za/upcoming-events/

(Visited 11 times, 1 visits today)
Innov8tiv.com

Innov8tiv is a dynamic Web source for technology news, resources and innovation, with a special focus on the entrepreneurial advances of Africans on the continent as well as in the Diaspora. This site seeks to not only inform consumers and companies about the latest in tech trends and ideologies, but to shed light on a phenomenon often ignored: the inventive, life-changing and creative engine that exists in Africa and among leaders of color around the world, including the UK, the Caribbean, Australia, and Asia. Send story ideas to info@innov8tiv.com

Recent Posts

Dress for Success: 8 Key Ways to Succeed in Design School

Congratulations! After years of hard work, you’ve been accepted into the fashion design school of…

12 hours ago

How Is It Possible To Track Someone’s Location By Phone Number?

My husband’s behavior for the last few months was beginning to become a serious concern…

13 hours ago

Dodge the Issues that Knock your Business off the Market

Did you know that more than 90% of new businesses will fail within their first…

13 hours ago

How to Track Someone’s iPhone Remotely (100% Works)

Everyone has their reasons to track someone's iPhone. For parents, you may be interested in…

1 day ago

Best Free WordPress Startup Business Themes In 2020

These days many transactions are happening online and rightly so. Gone are the days when…

1 day ago

Legal Basics: What Are the Different Types of Negligence?

Proving negligence is one of the critical factors when pursuing a personal injury or wrongful…

3 days ago