Information Security Essay: Work from Home Security Risks & Best Practices
WFH Users and Data Security
Yahoo has begun warning individual users that their accounts with the service may have been compromised in a massive data breach it reported late last year.
The warning, in email messages sent from Yahoo CISO Bob Lord, tells users that a forged cookie may have been used to access their accounts in previous years.
In December, Yahoo reported that data associated with more than 1 billion user accounts was stolen in August 2013. Less than three months earlier, the company reported a separate data breach affecting more than 500 million users that originally occurred in late 2014.
In a new warning to users sent Wednesday, Yahoo said the forged cookie problem allowed hackers to gain access to user accounts without passwords. The company connected the issue to the breach it reported in September.
“Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account,” the new email from Yahoo says. “We have connected some of the cookie forging activity to the same state-sponsored actor believed to be responsible for the data theft we disclosed on Sept. 22, 2016.”
Yahoo has not identified the state-sponsored actor. The new email was sent to users whose accounts were breached in what was apparently a general attack. Individual users who seem to have been specifically targeted by the state-sponsored actor were sent an additional notice.
Yahoo recommended that users review their accounts for suspicious activity, be cautious of unsolicited communications that ask for personal information, and avoid clicking on links or downloading attachments from suspicious email messages. The company asked users to consider adopting its Yahoo Account Key, an authentication tool that eliminates the need for a password.
“We invalidated the forged cookies and hardened our systems to secure them against similar attacks,” Yahoo said in the new email. “We continuously enhance our safeguards and systems that detect and prevent unauthorized access to user accounts.” PC World (February 2017)
As a WFH user, you are exposed not only to email threats, but also face threats when browsing the Internet, using cloud storage, and using mobile devices.
Task: Write an information security essay discussing threats faced by these technologies and the strategies used to secure them.
Background of information security essay
While new varieties of coronavirus have been circulating throughout the world, a secondary danger has been posed by a succession of cyber-attacks and other cyber-crime activities. To combat cyberattacks, firms must perform regular software upgrades, employ the finest local area networks, and conduct penetration testing on a regular basis (Barnes, 2020). Understanding and controlling the factors that increase a company's exposure to cyberattacks is critical. Drawing on previously published studies, this paper examines a variety of cyber security issues, their sources, repercussions, and management and prevention strategies. Internet browsing, mobile device safety, and the prevention of cloud-related risks can all benefit from the findings of this study.
Web exposure subjects us to a variety of security risks. Phishing, viruses, spyware, ransomware, and malware in general are by far the most prevalent risks individuals face today. If we don't pay attention to what we share and receive online, we're more likely to become victims of these dangers. Every time we open a website, it's critical to pay close attention to the mails we receive as well as any pop-up advertisements we see (Chahal et al., 2019). Not all web sites are safe. Since more individuals are working from home, the external dangers in the WFH scenario are much the same as before, but the attack vectors seem to be new. As a result of the pandemic, there has been an upsurge in external threats from hackers. An increasing number of infiltration attempts to get access to business information and disrupt business operations have also been made in recent months.
It's impossible to halt phishing attempts since they're so simple, and they will continue. Spear-phishing attacks, which target individuals with access to sensitive information, have grown dramatically during the epidemic. The term "phishing" describes the practise of attempting to get access to somebody's personal information, such as usernames, credentials, credit card numbers, or addresses, for malicious purposes. Apart from this, in contrast to last year's DDoS assaults, RDP attacks are becoming a more regular hazard than DDoS attacks as corporate IT divisions work from home (Fielding, 2020).
Ransomware is another serious concern. It had already become a major concern in the previous year. Furthermore, the number of ransomware attacks has skyrocketed following the 2017 NotPetya outbreak (Goel & Nussbaum, 2021). Since the pandemic, the external threat has extended dramatically, not only against academics but also against companies and organizations. COVID-19-themed phishing lures have become more popular among criminal groups, abusing the epidemic as well as concern for the safety of employees' and workers' family members. Remote working has also been shown to increase the likelihood of a ransomware infection. This number has risen significantly as a result of weaker IT controls in the household and a rise in the number of people working from home who are exposed to COVID-19-themed ransomware email scams.
The WFH home network is also a serious threat. Home networks remain a vulnerable entry point for attackers (Goel & Nussbaum, 2021). Individuals' home networks are the primary target of threat actors since organisations are unable to safeguard them. As many individuals utilise routers provided by their internet service providers, a man-in-the-middle assault on a home network is relatively simple (Johnson et al., 2021). Consequently, a targeted assault on an employee, in which someone monitors internet traffic or attempts to intercept data, may happen, and this might result in data leakage.
URL spoofing is another major danger. A spoofed address might read "PayPal.co" instead of PayPal.com. If you're only skimming such a piece of information, the "co" isn't that noticeable. Most people skim a webpage rather than read it carefully when they first arrive at a new website or receive new information, so this is something they should keep in mind. Alternatively, one may look for the URL prefix "https://" in the address bar. Whenever the URL begins with "https://," one should know that the site has been validated and is secure to access. This means that if the website is not safe, we should not enter any personal information, such as credit card numbers, passwords or locations, because if one does, that information will be compromised. Data loss is far more likely while using cloud storage (Johnson et al., 2021).
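An added example, not part of the original essay: a host-name check for the PayPal.com / "PayPal.co" case above, which flags near-miss domains whether or not the URL starts with "https://". The allow-list, the function names and the two-label approximation of the registrable domain are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list for this example; a real deployment loads its own.
TRUSTED = {"paypal.com", "yahoo.com"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def classify(url: str, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the URL's host name."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    if not host:
        return "unknown"
    # Exact match or a subdomain of a trusted name.
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return "trusted"
    # Assumption: the last two labels stand in for the registrable domain.
    # Production code should use the Public Suffix List instead.
    registrable = ".".join(host.split(".")[-2:])
    if any(edit_distance(registrable, t) <= max_distance for t in TRUSTED):
        return "lookalike"
    return "unknown"

if __name__ == "__main__":
    for sample in ("https://www.paypal.com/signin",   # constructed samples
                   "https://paypal.co/signin",
                   "https://www.paypa1.com/",
                   "https://example.org/"):
        print(f"{classify(sample):9}  {sample}")
```

The result depends only on the host name, so an encrypted connection to a near-miss domain is still reported as a lookalike.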
Next, cloud storage raises the possibility of cloud files being stolen. In the absence of security measures, data saved in the cloud are among the most accessible. Hackers are able to snag them so readily because of their vulnerability while en route to their intended recipient. In light of this fact, it is no surprise that these data are so susceptible to foreign eavesdropping and hacking, even with their encryption (Liu et al., 2017). Security against cloud file theft is strongest when all data and activities are encrypted and when all files are sent via a secure connection. One can only prevent illegal access to cloud metadata, or important data, by encrypting all data and using an encrypted channel. Data can easily be lost if hackers get access to someone's personal information (such as a password). Every type of transaction and every file is included in this. Naive consumers may end up being sent to unauthorised and improper websites through various methods of data manipulation. Cyber-attackers are increasingly focusing their attention on accounts and services. As a result, hackers will be able to change passwords and get access to the most critical sections of such cloud computing systems, making it impossible for users to access their accounts (Ovcharenko, 2021).
Another strategy to avoid losing our stuff, including our registered users, would be to increase the security of their passwords. Our personal information is at risk when we use passwords that are simple or obvious to thieves. It's like filling a glass to the brim, forgetting to screw on the lid, and tossing it into your bag, causing most, if not all, of the water to flow out. What's the point of doing that, right? Using the same password for many internet accounts is a crucial factor to remember. Using a password that is clearly associated with oneself is discouraged since our password is the key to accessing all of our personal information. It's actually not that hard for hackers to get into our personal information if they have enough expertise and understanding of technology (Ovcharenko, 2021).
As a result of working from home, each employee bears extra accountability. WFH's largest challenge is the human component and the capacity of employees to adapt to it. Whoever is weakest is going to be the most likely target for attackers (Shaji et al., 2018). When it comes to working from home, the human dimension trumps technological considerations, as does the problem of a skills gap. A person's casual attitude at home might be a problem with WFH. Individuals are less concerned with the sensitivity of material in their job when they are working from home, for example (Škiljić, 2020).
A man-in-the-middle incident occurs when someone snoops on data traffic or even alters the communication flow on a device as a result of listening in on web traffic. This assault is most likely to occur whenever users access open, public, or unprotected WiFi networks. It is estimated that "hundreds of millions" of "free WiFi" networks exist throughout the world, with about one-third of them being unprotected or inadequately secured, according to an online study on the topic. The creation of a bogus WiFi hotspot appears to be relatively easy for bold cybercriminals.
Mitigation of threats
A security policy is perhaps the most important step. Consistency in policies and processes regarding information, regardless of location or work environment, is essential. In addition, to be a qualified security professional, one must adhere to the same standards regardless of the circumstances at work. There is also the employee education and awareness programme. In information security schooling, including via e-learning, security standards, hazards, and threats might be addressed. Alternatives to "frightening" or "scaring" employees in various scenarios might be included in their network security training as practical exercises. This would be beneficial since people become more conscious and begin to think after being subjected to such a predicament. Employees within an organisation are expected to complete mandated intensive information security training once per year, and a structured learning management system that includes these trainings is required.
When workers work from home, IAM (Identity and Access Management) and infrastructure best practises are critical. It is also important to follow the principle of least privilege in order to reduce the risk of inadvertent insider threats and difficulties, such as mailing bills to consumers. IAM is particularly critical for system administrator accounts, which often have a lot of power; their use must therefore be limited to a small number of systems at a time. The usage of MFA, or Multi-Factor Authentication, is another technological best practise that falls under the umbrella of IAM. To ensure the security of important services, some of which were previously only accessible from inside the internal network, two-factor authentication was implemented in some situations. When workers work from home, BYOD management becomes more important since it creates a more secure architecture (Zhang et al., 2021). BYOD management helps protect employees against hazards that they may not fully understand. A benefit of BYOD management is the ability to safeguard endpoints, particularly against malware, using virtualization. In the majority of cases, MDM (mobile device management) is used to regulate and reduce the risks associated with the use of mobile devices.
Network segmentation is suggested as another measure that might make a difference by keeping bad actors well outside the network; all networks are diverse, but some are more susceptible than others. A network can be segmented as a way to better control communication and security. Thanks to the ability to divide work from non-work traffic, everyone in the home will be able to enjoy whatever digital entertainment they choose during this time of social isolation without endangering their work. Additionally, network segmentation can help prevent social engineering. Workers must also utilise a VPN or a proxy to access the internet. In order to build a more secure environment and network in a WFH setting, VPN and device management are essential. In addition, an end-device firewall may significantly improve the security of data stored on these devices.
A categorisation strategy for information is another recommended best practise. Identifying information is the initial step in the process of determining its security classification. This necessitates an effort to find out what information is generated, kept, and managed by various business units in the company. Some organisations have four categories of information classification: confidential, secret, internal, and public. These categories determine how and where the data is treated and how it is protected. As a result of these classifications, an organisation may have particular regulations about who may handle secret information and may require that this material not be handled in a home setting.
For this paper, the goal has been to investigate whether WFH security best practises are significant in light of COVID-19's security concerns. The main question remained what dangers and threats pertain to employees working from home and what best practises are necessary for companies to secure their data and information assets. Identity and Access Management, Information Security Awareness, Information Security Training, Home Network security, and Information Classification seem to be the best practises for WFH in this regard.