Lockdown – Homeoffice – Cybersecurity

Lockdown – Homeoffice – Cybersecurity

IT Security | 25. November 2020 | 3 min |

Lockdown – Homeoffice – Cybersecurity

Three buzzwords that are currently dominating everyday life in many companies. As in March, the lockdown has meant that many companies have had to work from home or extend their working hours further.

But it’s not just companies that have had to adapt as a result of the pandemic. Cyber criminals have also adapted to the changed situation in the world of work. Newly developed malware, phishing emails or fake information – there are various dangers for companies. Comprehensive protection of the entire company IT – the central infrastructures in the company and the distributed structures in the home office – is therefore now more important than ever!

A few examples from practice illustrate the existing challenges:

Phishing – still a popular method for hacker attacks
Phishing is a classic, but still popular and successful method of hacker attacks. Phishing involves tapping into data such as passwords using fake emails. However, not only e-mails are faked, but also entire companies by changing the company name in the Internet address only by the ending (e.g. “.de”). Employees receive an email with instructions to log in to the supposed company portal. If an employee does so, the attacker has access to the data.

They then drain the data and demand huge sums of money from the victim to prevent their data from being deleted or – which would often be even more dramatic – published.

Home office – a risk for the security of company data
Unfortunately, people remain a system’s greatest vulnerability. Some employees are already unsettled by the effects of the pandemic and have to take on even more responsibility – including when it comes to IT security. However, many do not have the necessary technical knowledge to recognize potential threats immediately. As described above, they open phishing emails and download attachments, fail to carry out important security updates or even pass on their passwords to unauthorized persons posing as IT service providers. The use of personal devices permitted in some companies as a result of the pandemic also opens up new opportunities for cyberattacks. As a rule, these do not have the necessary corporate security standards or are even already infected with malware.

How can companies protect themselves from attacks by cyber criminals?
Protection against cyber attacks is made up of two components – user training and technical and organizational measures.

On the one hand, employees must be continuously sensitized to the dangers and trained in order to create a basic awareness and understanding of possible threats in the digital world. At the same time, it is necessary for users to know how to use the possibilities of modern IT structures competently and effectively. Through a series of interlinked training courses, examples and simulations of risk scenarios, the digital skills of employees can be continuously developed, which is a key basis for preventing successful cyberattacks.

On the other hand, a company’s technical infrastructure must also be prepared for attacks. Of course, one immediately thinks of using protection software on the users’ computers. While this is a good approach at first, less obvious areas such as servers, network components, firewalls and other devices in the network must also be constantly monitored for vulnerabilities and these must then be proactively remedied. Processes and organizational measures tailored to these challenges, such as end-to-end multi-factor authentication, tightly meshed authorization concepts and worst-case emergency plans with effective backup and recovery scenarios, are also among the essential topics that responsible companies take into account.

A comprehensive risk concept therefore consists of a large number of overlapping layers of protection that can safeguard the central asset – the company with its data and the associated workstations. The ongoing development of these measures is just as important as this awareness – just as cyber criminals are constantly looking for new gateways, it is essential to keep pace and continuously adapt to these risks.

About us

We are a powerhouse of IT specialists and support customers with digitalization. Our experts optimize modern workplace, DevOps, security, big data management and cloud solutions as well as end user support. We focus on long-term collaboration and promote the personal development of our employees. Together, we are building a future-proof powerhouse and supporting customers on their path to successful digitalization.

Contact

Do you have a request? Please contact us!

Do you have a request? Please contact us!

As your companion and powerhouse in the IT sector, we offer flexible and high-performance solutions.