P.Speaking of security risks when on vacation in the summer, one immediately thinks of lost or stolen devices. If on the one hand, however, it is a personal inconvenience, on the other it represents a serious security risksince mobile devices now contain a large amount of sensitive information.
In fact, from April to today, the attacks have more than doubled and the trend for returning to work is growing by about 25%. These are the data identified by Ermes – Intelligent Web Protection.
95% of successful attacks rely on human error. One of the risks that employees run on returning to the office, in fact, is certainly that of fail to be attentive to safety procedures as they have been during the rest of the year, thus endangering the entire corporate ecosystem.
For mobile workers
If you work in an environment ‘bring your own device ‘(BYOD), It is essential to take additional security precautions while traveling, as both your sensitive data and those of your company are at risk. Such as when connecting from unknown wi-fi networks: in fact, it should be ensured that a certain level of protection is guaranteed (for example WPA2 encryption compared to the less secure WEP encryption). Should it ever be necessary to access banking information or perform another type of sensitive activity on a public Wi-Fi network, then this should be considered. using a VPN service.
Finally, who has never done some oversharing during holidays or travel? However, the excessive sharing of information in real time, especially with the addition of geolocation data, can be a source of problems if this information gets into the possession of a hacker – or even other non-cyber attackers.
The expert’s opinion
“Why should preventive action be taken before returning to operation? Because Cybercriminals are familiar with the work environment of employees and organize cyber attacks in the areas they deem most vulnerable. We have seen it well with the peak of phishing attacks resulting from remote work and cyber attacks will continue to evolve anyway. In addition, the data and passwords of computers used to work on the move, as well as personal devices on vacation, are likely to have been shared with family members who have visited unsafe websites or installed software. This is why it is important to carry out a risk assessment and update policies to minimize them, ensure data security and maintain compliance with the General Data Protection Regulation (GDPR) “, comments Lorenzo Asuni, CMO in Ermes – Intelligent Web Protection.
The steps to follow for a safe return to the office
● Install and activate the ‘Find my phone’ service, in the event that the mobile device is lost. This allows for example to lock the phone, track it and change all passwords immediately, as well as the ability to remotely erase all personal data.
● Browse safely. This caution should always be followed, also and above all before leaving for the holidays; for both national and international travel. If the prefix “https” on a website is not recognizable in the URL field of the browser, you should not send personal information on the web.
● Back up your data. Consider moving your most sensitive data to an external storage device or cloud-based backup service before getting back up and running.
● Update the software. When was the last time the operating system or antivirus was updated? Many updates include important security patches and fixes and should definitely not be delayed before getting back to work.
● Use a reliable security solution. While this step should be taken for granted, many people still underestimate the value of using a updated security software (in the gallery above the most reliable ones) and able to protect against constantly evolving threats.
● Change passwords. In the event that an employee has been the victim of an attack, the password change for all devices and access to corporate networks should be mandatory (and this also applies to third-party suppliers).
● Use of USB devices and personal storage is not permitted. The use of external hardware should not be allowed on corporate computers and systems – files must be transferred to a corporate computer and then scanned for critical issues.
● Using a phased approach to re-entry. Putting in place a gradual return to work by scheduling device updates and cleaning might be a good idea. It would be better set dates for employees to bring their devices to the office for security checks.
iO Donna © REPRODUCTION RESERVED