Does Remote Working Change Your IT Security Stance?

It's quite obvious that the ‘C’ word has changed how many of us work. Whether you’re an employer or employee, the way in which you ‘do IT security’ has probably changed. If it hasn’t then it probably should have….

Threat actors notice that your employees are working from home, or from the coffee shop and adjust their tactics accordingly – they have their ‘Priority Intelligence Requirements’ if they are a nation state, or their financial targets if they are a cybercrime group.

There are dozens of tools – both software and hardware – which can be exploited by the bad guys. Some have other – legitimate – purposes, and others are purely malicious. Would you be able to notice if a threat actor plugged a malicious USB device into one of your employees’ laptops – and would you be able to stop them exfiltrating data from it? Would you notice if your CFO’s email account was compromised, and he/she started asking for employees to change banking details, or buy gift cards?

Have you encouraged (or forced) your employees to use longer passwords, or perhaps you’ve provided a Password Manager for them to make use of (there are some excellent options available commercially). Alongside this, forcing ‘Multi-Factor Authentication’ is one of the strongest forms of defence you can establish – its not infallible but it does raise the bar.  

Security maturity is a journey, not a destination. Every day brings new technology, new attack surfaces, new vulnerabilities, new exploits – but its not an impossible task, and having an educated workforce, combined with a modern, patched infrastructure for them to use will dramatically reduce your risk.

Know what you have, know how you access it and know what would be valuable to different threat groups and you can adjust your stance accordingly. Being in a state of perpetual preparedness is hard and tiring, but it’s the only way to survive on the modern internet. Educate your staff on how to spot, and report suspicious behaviour just like they would in the ‘real world’ and you’re halfway there.

CAMOR GSAT Training nominated for British Security Award
May 9, 2022
GSAT with a Difference
April 25, 2022
CAMOR take part in the Speakers for Schools Inspiration Programme
April 22, 2022
Now taking bookings for disruptive passenger training
April 4, 2022
CAMOR Celebrate International Women's Day
March 9, 2022
CAMOR Attend the OSPAs Awards Ceremony
March 8, 2022
CAMOR's Chairman reflects on the company's achievements
March 8, 2022
Continuous Professional Development - What does it mean to CAMOR
February 21, 2022
ICAO Year of Security Culture Webinar
February 18, 2022
CAMOR Achieve Investors in People Gold Award
February 8, 2022
CAMOR Submission for ICAO and ACI World Video Challenge
January 18, 2022
Insider Risk in Aviation
January 14, 2022
           Employer recognition scheme, Gold Award Holder    
With Department for Transport (DfT) Certified Instructors, CAMOR are a UK  Civil Aviation Authority (CAA) Registered Training Provider