For millions, work used to be somewhere you go. Now it’s something you do. From an IT point of view, being unable to control the security of the remote working environment is a significant concern. The employee now sits at home on their laptop, connecting to business servers and applications through virtual private networks, remote desktop or using the cloud. This is all within the control of the IT security team.
However, what processes are run on the laptop, which other devices are connected to the home network, and the security of the employee’s Wi-Fi makes the environment a bit like the lawless Wild West. At the same time, hackers have upped their game, with a massive growth in both the quantity and sophistication of phishing, malware and user account compromise attacks.
Picture an apocalyptic landscape where the employee’s laptop is now teeming with hackers intent on stealing any locally saved data, then piggy-backing on the user’s live connections to business servers, extracting more information and maybe even deploying ransomware.
IT security challenge
A little fanciful perhaps, but cyber security must deal with this scenario. We have to assume that the remote network environment is hostile, and that the employee is deliberately or unwittingly a potential threat. Staff working from home unobserved are also more likely to have fewer scruples about stealing data.
Many organisations put their faith in full disk encryption to protect data, but once the employee’s laptop is running, the door is wide open to malware and access any file, fully decrypted.
Zero Trust is just ringfencing
Traditional security solutions were based on the concept ..
Support the originator by clicking the read the rest link below.
