More and more people are now working fully or partly from home. The Corona emergency solution has increasingly become a trend in modern companies in recent years and has become indispensable. Many applicants already assume this possibility of hybrid work in an application process. But wherever new opportunities open up for employees in the IT sector, there is also an increased risk of cyber attacks. How can I protect my employees in the home office from this and anchor IT security in the minds of my employees?
The basic requirement for secure data exchange with the company network is a Virtual Private Network (VPN). This VPN directs all data communication (including to and from the Internet) via the company network and encrypts it. This ensures that company-internal data cannot be read by third parties. Another step is the encryption of data carriers. If external persons gain access to this device, data on hard drives cannot be viewed and are useless for the attacker. Multi-factor authentication provides additional security to prevent weak password attacks. Here, an additional code is sent to an end device - usually to the mobile phone - which then serves as a kind of second password.
The greatest risk factor, however, is the person themselves. Employees now have to be trained and made aware of cyber security. Unfortunately, no system protects against phishing e-mails or fake phone calls. It is usually attempted here to elicit data from the employee, for example by pretending to be a customer who has forgotten his password. Safety standards and established processes reduce the risk here. An example of such a process could be that passwords are only sent to the customer's e-mail address in encrypted form.
Prevention is better than cure, because the number of attacks is steadily increasing. Ensure security in your company and train your employees.
