With COVID-19 stay-at-home orders still in place in many states, working from home (WFH) has become what is sure to be the new normal in the post-pandemic world. Given this, remote security should be at the top of every organizations priority list.
Yet, there remains a long list of common myths and misconceptions about remote worker security. And its easy to see how and why this can happen, especially in a world where staff went from working onsite to working from home practically overnight. But it is critical that businesses make themselves aware of what these myths and misconceptions are and address them with the urgency they require.
The list is long, so below are the five most pressing.
Video chat has exploded in to peoples lives over the last couple of months. What was until very recently used mainly as a meeting tool (with a video function that people often tried to avoid) has suddenly become an essential part of our everyday lives in the WFH environmentboth for work and recreation.
And the video app of choice has turned out to be Zoom. But many people are still operating under the misconception that Zoom chats are end-to-end encrypted when they are not. In fact, a number of privacy issues have come to light, such as Zooms iOS app sending data to Facebook without explicit user consent. While this issue has since been rectified, people are still operating under the encryption misconception when it comes to Zoom and other video conferencing apps, some of which are end-to-end encrypted and some of which are not.
Another common misconception that WFH employees are operating under is that VPN connections will work and that there will be sufficient bandwidth and licenses for VPN solutions. This may not be the case because VPN has always been somewhat of an afterthought.
Until COVID-19 took over our everyday lives, VPN was generally used only in special scenarios in which someone needed to work remotely or outside their usual working hours. Because of this, housekeeping, maintenance, management and administration of VPN are not very effective. Organizations dont have dedicated people to handle those things. VPN requires a lot of bandwidth and adequate licenses, and suddenly, with millions of us working from home amid the pandemic, everybody is trying to use VPN, which means issues with bandwidth and licensing that we just hadnt thought of.
VPN solutions also lend themselves to a common WFH security myththat VPN solutions are fully secure. They arent. Generally speaking, we dont see day-to-day housekeeping of VPN servers, such as patching. Compounding this, organizations are often not on the latest versions of their VPN.
This can mean a remote, unauthenticated user may be able to compromise a vulnerable VPN server and gain access to all active users and their plain-text credentials. An attacker also may be able to execute arbitrary commands on each VPN client as it successfully connects to the VPN server.
Given this, and now that VPN has suddenly become so popularand is likely to stay that way in the post-pandemic worldwe need to make sure that VPN solutions are up to date and patched so that hackers dont see VPN as an easy vehicle through which to conduct an attack.
In some ways, it seems so obvious that personal device security is often a far cry from company device security, yet so many organizations allow personal devices to be used for company business without a second thought for security.
Its obviously a challenge even during normal times for remote security to be implemented on any personal device that might be used for company business. But during these extraordinary times, when companies had to set staff up to work from home literally overnight in many cases, its an understandable oversight.
Still, it can have catastrophic consequences if not addressed in the WFH environment. Firms must implement two-factor authentication, content filtering, identity and access management, encryption, auto backups, authentication and security monitoring to any personal device being used for company business.
These are some of the things that youd see in a typical corporate network, but we dont see on personal devices; its a long and dangerous list of disparities creating a myth of security that isnt there.
They dont, and this is particularly problematic in the current situation, given the massive rise in phishing and spam emails since the COVID-19 situation took hold.
And with the majority of organizations currently running their staff remotely, this problem is only magnified. The pandemic is giving rise to a huge amount of fear, uncertainty, anxiety, sympathy, greed and disorder, meaning clarity is easily taken advantage of.
This makes phishing emails even more effective because our defenses are down and we are sitting alone at home with no one to bounce ideas off, ask immediate questions of or get opinions from. We are vulnerable right now and hackers know it.
Its exceptionally important that companies stay on top of these latest and advanced emerging phishing attacks and stop operating under the myth that their remote teams are going to be able to spot a suspect email every time. They probably wont.
Read the rest here:
COVID-19, Security and WFH: Myths and Misconceptions - Security Boulevard
- Symmetric Encryption Algorithms: Live Long & Encrypt - Hashed Out by The SSL Store - Hashed Out by The SSL Store - November 24th, 2020
- Google plans to test end-to-end encryption in Android messages - TechCrunch - November 24th, 2020
- Google Messages Set to Roll Out End-to-End Encryption - Infosecurity Magazine - November 24th, 2020
- Did they crack the code? The importance of encryption for protest movements - OpenGlobalRights - November 24th, 2020
- The EU's muddled approach to encryption - The Spectator US - November 24th, 2020
- AES Encryption Software Market 2020 Global Industry Size, Demand, Growth Analysis, Share, Revenue and Forecast 2022 - The Think Curiouser - November 24th, 2020
- How to recover data from a Mac with T2 or FileVault encryption and without a password - Macworld - November 24th, 2020
- Security flaws in smart doorbells may open the door to hackers - We Live Security - November 24th, 2020
- Document Encryption Software Market 2020 - Impact of COVID-19 Pandemic, Future Development, Top Manufacturers Analysis, Trends and Demand discussed in... - November 24th, 2020
- U.S. Hardware Encryption Market is expected to reach $259.12 billion by 2026 | CAGR 32.4% - WhaTech - November 24th, 2020
- Data Encryption Market: Global Industry Analysis, Size, Share, Trends, Growth and Forecast 2020 2026 - The Think Curiouser - November 24th, 2020
- Arrests and raids in Essex as police crackdown on encrypted criminal networks - Gazette - November 24th, 2020
- 2020 and Beyond: Homomorphic Encryption Market Trends and Outlook Study to 2027 - The Haitian-Caribbean News Network - November 24th, 2020
- US Department of Justice reignites the Battle to Break Encryption - Naked Security - October 17th, 2020
- Five Eyes Call for Tech World to Weaken Encryption - ClearanceJobs - ClearanceJobs - October 17th, 2020
- Zoom Begins Rollout of End-To-End Encryption - My TechDecisions - TechDecisions - October 17th, 2020
- Could homomorphic encryption be the solution to big data's problem? - Siliconrepublic.com - October 17th, 2020
- U.S., UK and other countries warn tech firms that encryption creates 'severe risks' to public safety - CNBC - October 17th, 2020
- Is Signal secure? How the messaging app protects privacy - Business Insider - Business Insider - October 17th, 2020
- AeroVironment and Viasat to aim to improve radio encryption for Puma AE - Flightglobal - October 17th, 2020
- Encryption Backdoor? The Trump Administration Wants It. - The National Interest - October 17th, 2020
- How to use private conversations on Skype to send encrypted calls and messages - Business Insider India - October 17th, 2020
- AES Encryption Software Industry Market 2020: Potential growth, attractive valuation make it is a long-term investment | Know the COVID19 Impact | Top... - October 17th, 2020
- Trustifi Named Overall Encryption Solution Provider of the Year in 2020 CyberSecurity Breakthrough Awards Program - GlobeNewswire - October 17th, 2020
- ACLU and EFF Call DOJ's Encryption Dream a Nightmare - L.A. Weekly - October 17th, 2020
- Global Database Encryption Market Expected to reach highest CAGR in forecast period : International Business Machines Corporation, Symantec... - October 17th, 2020
- Feds, 'Five Eyes' Allies Take Another Swing at Encryption Policy Changes - MeriTalk - October 13th, 2020
- Homomorphic encryption tools find their niche - CSO Online - October 13th, 2020
- Mission Impossible: 7 Countries Tell Facebook To Break Encryption - Forbes - October 13th, 2020
- Dutton pushes against encryption yet again but oversight at home is slow - ZDNet - October 13th, 2020
- Western governments double down efforts to curtail end-to-end encryption - The Daily Swig - October 13th, 2020
- Fuse Analytics integration with StrongSalt offers Enterprise Information Archiving with GDPR protections - PR Web - October 13th, 2020
- Is Signal Safe? What to Know About the New Encrypted Messaging App - Parentology - October 13th, 2020
- Five Eyes alliance warning: 'Encryption creates severe risks to public safety' - New Zealand Herald - October 13th, 2020
- Privateness or youngster safety? 7 governments, together with US & UK, argue Fb's new encryption plan would profit PEDOPHILES - Editorials 360 - October 13th, 2020
- Optical Encryption Market Analysis And Demand With Forecast Overview To 2025 - Express Journal - October 13th, 2020
- Encrypted messages don't always stay private. Here's what that means for you - CNET - October 11th, 2020
- EARN IT Act a Dire Threat to Encryption, Speech Online, Critics Say - Decrypt - October 11th, 2020
- Analyzing Impacts of Covid-19 on Cloud Encryption Software Market Effects, Aftermath, Global Industry Challenges, Business Overview and Forecast To... - October 11th, 2020
- Parts of the Election System Are Ripe for Hacking: 'Encryption? We Don't Do That' - Josh Kurtz - October 6th, 2020
- WikiLeaks led the way for newsrooms to use encryption to protect sources, says Italian journalist - ComputerWeekly.com - October 6th, 2020
- Global Encryption Software Market 2020 Industry Size, Shares and Upcoming Trends 2025 - Reported Times - October 6th, 2020
- Encryption Software Market 2020 2027: Recent Trends, Growth Opportunities and Business Development Strategies By IBM, Trend Micro, Symantec, McaFee,... - October 6th, 2020
- Encryption Key Management Market Research By Growth, Competitive Methods And Forecast To 2026 - The Daily Chronicle - October 6th, 2020
- Global Hardware-based Full Disk Encryption Market Size, Share, Trends, CAGR by Technology, Key Players, Regions, Cost, Revenue and Forecast 2020 to... - October 6th, 2020
- Global Encryption Software Market 2020 | Know the Companies List Could Potentially Benefit or Loose out From the Impact of COVID-19 | Top Companies:... - October 6th, 2020
- Stay Tuned with the Epic Battle in the Encryption Key Management Market - The Daily Chronicle - October 6th, 2020
- Hardware-based Full Disk Encryption Market To Drive Highest Growth By 2027 With Leading Key Players: Seagate Technology PLC, Western Digital Corp,... - October 6th, 2020
- Encrypted USB flash drive you can unlock with your smartphone (or Apple Watch) - ZDNet - October 6th, 2020
- Global Mobile Encryption Market is slated to grow rapidly in the coming years: McAfee(Intel Corporation), Blackberry, T-Systems International, ESET,... - October 6th, 2020
- Cloud Encryption Software Market Potential Growth, Size, Share, Demand and Analysis of Key Players Research Forecasts to 2026 - The Daily Chronicle - October 6th, 2020
- Best Encryption Software in 2020 - Latest Quadrant Ranking Released by 360Quadrants - PRNewswire - September 30th, 2020
- 4 Reasons Why Encryption Is a Must for Data Protection - CIOReview - September 30th, 2020
- Prospective Node Operators Stake $125M in ETH to Participate in NuCypher Encryption Network - CoinDesk - Coindesk - September 30th, 2020
- Fortanix Partners with VMware to Enable Cloud Service Providers to Deliver Data Security as a Service - GlobeNewswire - September 30th, 2020
- SanDisks latest portable SSDs have boosted speed and security - The Verge - September 30th, 2020
- What Facebook users need to know about end-to-end encryption - Fast Company - September 30th, 2020
- Whats really up with your secure WhatsApp chats - Mint - September 30th, 2020
- Hardware Encryption Technology Market Trends Together With Growth Forecast To 2026 - The Daily Chronicle - September 30th, 2020
- Global Cloud Encryption Market- Industry Analysis and forecast 2020 2027: By Industrial verticals, Services, and Region. - Unica News - September 30th, 2020
- Global Hardware-based Full Disk Encryption (FDE) Market to Witness a Pronounce Growth During 2020-2026 - The Daily Chronicle - September 30th, 2020
- Global Cloud Encryption Technology Market with (Covid-19) Impact Analysis: Growth, Latest Trend Analysis and Forecast 2026 - The Daily Chronicle - September 30th, 2020
- Global Email Encryption Software Market Report 2020-2027: Production Capacity and Consumption Analysis by Regions and Country Wise - Crypto Daily - September 30th, 2020
- Cloud Encryption Service Market 2020 | Detailed Analysis, Growth, Research and Forecast - The Daily Chronicle - September 30th, 2020
- Database Encryption Market Potential Growth, Size, Share, Demand and Analysis of Key Players Research Forecasts to 2027 - The Daily Chronicle - September 30th, 2020
- Optical Encryption Industry 2020 Includes The Major Application Segments And Size In The Global Market To 2026 - The Daily Chronicle - September 30th, 2020
- Hardware Based Encryption Market Projected to Be Resilient During 2020-2025 - The Market Records - September 30th, 2020
- Hardware Encryption Market (2020-2026) | Where Should Participant Focus To Gain Maximum ROI | Exclusive Report By DataIntelo - Crypto Daily - September 30th, 2020
- Ring plans to offer end-to-end encryption by the end of the year - The Verge - September 29th, 2020
- Encryption Software Market Comprehensive Study With Key Trends, Major Drivers And Challenges 2020-2026 - The Market Records - September 29th, 2020
- Ring to offer opt-in end-to-end encryption for videos beginning later this year - TechCrunch - September 29th, 2020
- WhatsApp Encryption Is Not Foolproof; Chats Can Be Accessed In These Ways - Yahoo India News - September 29th, 2020
- Hardware-based Full Disk Encryption (FDE) Market Forecast to 2027 Covid-19 Impact and Global Analysis by Type, Deployment Type and Industry Vertical... - September 29th, 2020
- EU Still Asking For The Impossible (And The Unnecessary): 'Lawful Access' To Encrypted Material That Doesn't Break Encryption - Techdirt - September 29th, 2020
- Encryption Software Market Report Examines Growth Overview And Predictions On Size, Share And Trend Through 2025 - The Daily Chronicle - September 29th, 2020
- Russia Is Trying Something New to Isolate Its Internet From the Rest of the World - Slate - September 29th, 2020
- Network Encryption Market From 2020-2026: Growth Analysis By Manufacturers, Regions, Types And Applications - The Daily Chronicle - September 29th, 2020
- Encryption Software Market Size, Analytical Overview, Key Players, Growth Factors, Demand, Trends And Forecast to 2027 - The Daily Chronicle - September 29th, 2020
- Top Technologies To Achieve Security And Privacy Of Sensitive Data In AI Models - Analytics India Magazine - September 29th, 2020
- Database Encryption Market Analysis and the Impact of COVID-19 Key Vendors, Growth Rate and Forecast To 2028 - The Daily Chronicle - September 29th, 2020