During the COVID-19 pandemic, there has been a significant increase in the adoption of additional network software by companies endeavoring to enable their employees to work from home.
This has turned the attention of the “bad actors” looking to exploit potential vulnerabilities in these work-from-home technologies. As always, their intent is to disrupt business or to compromise computer systems.
In addition to the vulnerabilities that may exist in the software being used, some companies are implementing these collaboration systems in a less secure manner for ease and convenience of the home worker, further exposing themselves to being exploited during online meetings and while file sharing from one home worker to another.
Here are some key mitigation strategies and guidance SRG recommends:
- As overall guidance, treat home workers as if they are still in the office in terms of security, policies and practices. Specifically follow your corporate rules and expectations of sharing information no matter what the data classification is.
- Use existing corporate solutions whenever possible. These are tried and known to your IT group.
- If you need to adopt other technologies for home collaboration, choose those that comply with your needs to control your data (some products may be routing your data or storing your data outside of Canada).
- Choose network collaboration products with appropriate security features. Factors to consider are level of encryption, password requirements and methods of authentication.
Keep these technologies as well as home user systems patched and updated for protection.