Our focus during these critical times should be to stay safe, more so than ever before. With this thought, here are a few insights on what the security risks during work from home scenarios are and how to avoid them. OneLogin throws light on this topic, and here are a few expert insights from the interview with Niamh Muldoon, Senior Director of Trust & Security in EMEA, OneLogin.
Can you describe the situation that you see in Europe and all over the world with the COVID-19 crisis?
Times of uncertainties create fantastic opportunities for individuals and businesses to shine. Unfortunately, they also create opportunities for malicious attackers. For a cybersecurity attack to take place, three components must be in place – Means, Motive and Opportunity.
What’s relevant to this time right now?
It is a fact that at a global level, enterprises are asking workforces to work from home. So, they are taken out of their familiar working environments, and they are probably accessing data and systems differently for the first time. Business continuity plans are tested against critical business processes with key individuals. This is a time of unknown. We are asking the entire business continuity plan to be executed by all individuals.
What do I need to be aware of as a remote worker?
While working from home, especially in this situation, you must be aware of all your communication channels. Communication channels being, emails, instant messaging and phone calls. Apply the S.T.O.P principle to your communications – Stop, Take a breath, Take the Opportunity to think, and Put it into perspective.
It is essential as malicious attackers are using communication channels to execute their threat vectors, in the hope that you, as a remote worker or the individual receiving the communication, will respond with a message. The interaction can be clicking on a link in an email, clicking on a link in an instant message channel, or providing a password or any critical information through a phone call. This will allow the malicious attacker to exploit data and systems, resulting in a cybersecurity attack on you and/or your business. If you have received any message from an unknown resource, report it to your IT security team for investigation.
What is the best practice advice for organisations?
Organisations need to apply their business continuity processes to their entire operations and workforce. Typically business continuity plans drive critical business processes and the workforce around. Organisations are taking data out of systems that have security controls applied and making them available to enable the business through collaboration tooling. So, it’s a best practice to ensure that security controls are in place as they review and revise their business continuity frameworks and plans.
- The cybersecurity threat landscape has increased.
- Apply the S.T.O.P principle to all your communications.
- Ensure security controls are applied as you execute your business continuity plans.
OneLogin is one of the Cybersecurity partners of Inflow Technologies. OneLogin is the identity platform for secure, scalable and smart experiences that connect people to technology.
Stay safe, stay secure.