Seguridad en teletrabajo

Seguridad en teletrabajo

As more businesses turn to remote work, many are asking themselves, “What security issues come with working remotely?”

For most businesses, there are these top 4 security issues with working remotely:

  1. Phishing scams
  2. Unsecured endpoint devices
  3. Home office risks
  4. Network security

Whether you’re new to remote work or have been telecommuting for years, it’s important to understand how working from home affects your business’ cybersecurity. While certain cybersecurity protocols remain the same whether your office is virtual or not, other defenses need to be altered to fit the home office environment for all employees.

Learn what makes remote cybersecurity different, top security issues businesses face, and how your organization can protect itself below.

Regardless of whether workers are remote or not, all employees should understand their personal role in maintaining your business’ cybersecurity. It only takes one wrong click on a phishing email to cost your business hundreds of thousands—or even shut your doors for good.

If most or all of your employees work from home, the responsibility of each individual increases tenfold.
That’s because instead of maintaining cybersecurity standards across one office, standards must be maintained across as many offices as there are employees. Often, these security protocols must be upheld without the help of on-site IT support or management as well.

To achieve the best outcome, managers and IT teams should help teleworkers implement and practice proper cybersecurity whenever possible. Ultimately, however, much of it comes down to individual responsibility. When it comes to security issues with working remotely, teleworkers must understand how and why they contribute to their business’ overall cybersecurity.

Network security refers to the cybersafety measures taken to protect your company’s entire computer network. Your network security could include cloud computing, proactive cybersecurity tactics, segmentation, and more.

Your business may already be protecting its network with some of these or other cybersecurity strategies. If most or all of your employees are suddenly working from home, however, some of your company’s security measures may need to be rapidly revised.

For instance, if your company typically employs a user privilege system, those user authorizations might need to be updated now that workers aren’t in a shared office space. Or if your data is currently stored on external servers accessed through an internal network, you might attempt to move this data to a new storage location.

But changing how you protect your network can lead to unforeseen problems, new vulnerabilities, or security gaps. Under normal circumstances, such changes can be carefully planned, executed, and monitored. When circumstances dictate hasty change, however, your security could be at risk.

How to Protect Against Security Issues While Working Remotely

When it comes to mitigating or resolving the security issues of remote work, there is no one-size-fits-all approach. The exact cybersecurity measures your business needs will vary based on your organization’s size, operations, assets, and many other factors.

With that said, there are several best practices that can aid in improving remote cybersecurity for many different companies. Soffid is the solution to access information as your were in the office. Have a look to the following interesting video were or CISO, Gabriel Buades, tell us about how Soffid can secure your company data while teleworking.

La protección de los datos en situación de teletrabajo

La protección de los datos en situación de teletrabajo

The COVID-19 pandemic has brought about drastic changes at a social level that would have been difficult to imagine a few weeks or months ago. The situation of confinement in which many countries find themselves, with most of the population unable to leave their homes, is something we were not prepared for and have had to quickly get used to.
Something similar has happened at the work and business level, however, the work does not stop: hospitals, logistics companies, medical material production services, etc. must continue working, and for the rest of the non-critical services in this situation, remote work or teleworking has been imposed at a fast pace.
Normally, establishing new architectures, information systems, tools, etc. is something that takes time, especially in large companies. In this case, many CIOs have been forced to implement remote architectures and work processes in record time.

Many corporate systems are not designed to work from home. Perhaps they are, since in most companies teleworking has been carried out more or less extensively: users take their work home, on weekends, etc. to carry out certain urgent tasks. The difference is that now telework has had to be implemented throughout the organization without exception.

The teleworking scenario represents a new way of doing business for organisations that had not previously implemented this system. This entails the emergence of new risks and threats in terms of personal data protection, as employees are working with different means and resources than usual.

Never in history has so much traffic and so much critical corporate data had to be managed from home. In many cases we are seeing how communication lines, VPN systems, etc. were not prepared for so many volumes of data.

Although in the first phase of the implementation of teleworking, agility and the possibility of giving remote access to the systems has been a priority, the CISOs have also had to establish procedures and tools to work safely.

Now more than ever we are seeing how it is not enough to protect the perimeter of the company. With information scattered in multiple locations, in the cloud, at employees’ homes, etc. it is now more critical than ever to have security that travels with the information.

Cloud storage applications such as Box, OneDrive, G-Drive, collaborative work applications such as Slack or Microsoft Teams, video conferencing tools such as Zoom or GoToMeeting allow critical work to continue and we can all enjoy certain services that are indispensable in this crisis, while on the other hand allow us to do our job.

Customers expect their suppliers to continue to maintain a high standard of security when processing their data, blocking possible threats and keeping them safe from possible security breaches.

One thing that is striking is that in crises, security or cyber security risks increase. The bad guys see a unique opportunity to act on the misdirection, chaos, and take advantage of it. A few weeks ago we watched in the press in astonishment as even hospitals were hit by cyber attacks in the middle of the covid crisis. In fact, unfortunately, phishing attacks have increased these days.

Soffid is providing the same user experience and securing the organisations data. Users can identify using their corporate passwords, they can change the passwords when the policy says that the password has been expired, they can recover the password when they have been forgotten they have all the end users user experience is expected to have without exposing the active directory. And on the other hand, the helpdesk team can track sessions, can label and configure the user’s desktop through scripting, through any other tool they are using with active directory and at the same time the administrator, the global administrators can connect any application they have, including active directory, sap or legacy applications  with Soffid, so administrator can get a secure and reliable platform, but, at the same time, the end users are having the experience they are expecting to have.