Computer security and telecommuting: when employees become managers
Telework is now a fairly common and usual thing.
A few years ago, you could count the professionals who collaborated in this way. However, with the health crisis and all the inconveniences that this may have brought, the adoption of telework had become a no-brainer, if not a necessity. Yet telework itself is not something simple enough from a technical point of view. Indeed, remote work means massive use of digital solutions. Yet the use of large-scale computer and internet equipment opens a door to cybercrime. Today, the vectors of computer attack have multiplied at the same time as teleworkers have increased.
"For many companies, the massive use of telework imposed from the first containment was only a scaling. explains Benoît Grunemwald, security expert at ESET. , "to evoke the switch to telecommuting and computer security issues requires observing the best practices, put in place by some companies long before the crisis. Many of them worked with telework employees or remote providers. The health crisis has only been a generalization of this operation, to be applied more or less significantly to the vast majority of employees. he adds. He also asked: "How did we treat these populations remotely before the crisis?What equipment, awareness, infrastructure were deployed to ensure that the data that workers access to is secure? That is what we need to look at in order to expand these practices. ».
To migrate to telecommuting, there was of course a question of using cloud technology in one way or another with several tools dedicated to remote collaboration. This may be to share information during teamwork or to simply communicate. Under such conditions, one of the first requirements in this area on securing passwords as noted expertly. As a result, employees should be encouraged not only to use strong passwords, but also to use multiple passwords for their various accounts. In addition to using fairly secure passwords, a dual-factor authentication system should also be in place. "This is a six-digit code received on the employee's phone, providing a second protection in case the passwords have been stolen. This code changes every 30 seconds, and thus ensures that the person who logs in is who they claim to be. This practice, very simple and inexpensive to implement, is systematically recommended by ESET, whether internally or externally, for customers. We offer our solution, ESET Secure Authentication. In terms of cost, financial and human, it's very affordable and easy to deploy. It is a solution that intersects with existing applications. Because while large email providers offer this strong authentication, small applications do not. That is why we are proposing this solution. says Benoît Grunemwald.
In addition, our ESET Expert talks about risk analysis. This analysis has its source in the fact that telework has imposed itself on a part of the population that at the base did not have this habit. As a result, they had to deal with it even though it was difficult.
Benoît Grunemwald proposes to base risk analysis on three key points: "
– The availability of data, i.e. it is available and accessible only to staff who need it;
– The integrity of the data, i.e. it remains accurate and not falsified;
– Confidentiality, both internally and externally, where no one should have access to certain data.
The keys to trust. »
Benoît Grunemwald adds: "The beauty of IT agility is that it ensures security on any workstation, both inside and outside the company. Even by using a regular station, you can continue to work without endangering the safety of the company."
Now access an unlimited number of passwords: