How the home office exposed corporate security holes

Telecommuting or home-office was the way found by most companies to keep their businesses running and circumvent the social closure and distance measures imposed by the pandemic. 46% of Brazilian organizations migrated their operations to the home office in the first half of this year, according to a study prepared by the Fundação Instituto de Administração (FIA).

But this impromptu rush to move offices to the workers’ home has also resulted in substantial growth in the number of cyber attacks. According to an annual Microsoft security report, the total volume of hacker attacks increased by 35% in the first half of 2020.

Despite the great vulnerability of corporate networks and sophisticated server access techniques, attackers generally prefer easier ways to log into a commercial environment. For this reason, fraudulent attempts to gain access through stolen credentials, called phishing, remain the most used strategy by cybercriminals.

Phishing remains the most used strategy by cybercriminals

Once in control of the system, the hacker can still rely on ransomware, which is nothing more than malicious software that restricts access to a network and charges a ransom in cryptocurrencies so that it can be reinstated. This was the case with the recent attack on the STJ portal.

The weakest link is the human. This is a consensus among security experts. The fact is that, regardless of the security solutions and technologies that you employ in your organization, if the user does not have safe access habits, the investment will have no effect.

balance

The Achilles’ heel of companies when it comes to distance work is, without a doubt, being able to balance simplicity and security. If, on the one hand, the home office cannot be an impediment to the productivity and performance of tasks, on the other hand it cannot be an open door without any control of entry.

Being able to find the middle ground between both objectives is what will determine a company’s potential for a successful data breach, and it can be costly. Another survey by IBM Security showed that the financial impact of a breach for companies is approximately $ 3.8 million.

Hybrid Environment

The way out to expand the infrastructure without compromising security is to include some cloud resources without giving up on-site resources, a hybrid model.

But if there is no end-to-end access management that can control and protect login attempts from different ports, sensitive data can still be exposed.

Antivirus and firewalls are able to block a malicious agent, such as viruses or malware, but do not prevent someone with malicious intent from accessing an environment, in possession of an employee’s stolen credentials.

Protection must be based on the human factor. Multifactor Authentication (MFA) ensures that whoever has the key is, in fact, the authorized agent, through multiple identity confirmations, such as password, facial recognition and biometrics, for example.

To implement this system at all ends, it is necessary to adopt an integrated Identity Management solution, which combines multifactor authentication with artificial intelligence, analyzing behavior data to avoid and block unusual access attempts for the time or the hierarchy level of the user.

The digital transformation has brought a world of possibilities, but it has also expanded the digital attack landscape

More than ever, it is necessary that the tools available are not just another piece in the patchwork of a company’s infrastructure, but that, in fact, they are able to anticipate and protect privileged credentials, be they human or machine.

SaaS, On-premise or cloud, no matter the location, your environment needs to be protected from access and, in that sense, there is nothing more important than recognizing human capital and knowing when an identity does not match its true user

***

Bruno Tarasco, author of this article, is a Sales Engineer at CyberArk.

Leave a Comment