Driven by the pandemic outbreak, companies are forced to have employees work remotely. Since the lockdown caught us unprepared, most employees have been using their personal systems while working from home. Often these systems do not have an ample amount of security tools in place to ensure that the enterprise data remains safe and unaffected.
Recent cases of Ransomware attacks in multiple companies were linked to employees using personal devices to log into the official network which offered a gateway to the hackers to exploit the loopholes in the security system.
A recent report by security experts at ESet has highlighted that post the pandemic outbreak there is a spike in the numbers of brute force attacks on employees who are accessing sensitive corporate data using Windows’ Remote Desktop Protocol or other remote access services.
It was found that in a lot of cases adequate security settings like additional authentication layers etc. are neglected by the organizations. While employees were found guilty of using easy to guess passwords or missing out on installing privacy tools to keep away cybercriminals.
A poorly implemented security solution at an enterprise-level becomes an open invitation for cybercriminals to breach into the network, gain admin access to remove security solutions, deploy ransomware before stealing and encrypting sensitive corporate data.
To ensure that these interlopers are kept away from intruding the organization’s network, the security experts at ESET have suggested a few measures. These are:
- Enforcing strong password policy at the enterprise level
- Use Multi-factor authentication system
- Using only verified and official software
- Training the remote working staff about Do’s and Don’t while working remotely
- Ensuring that authorized systems are used
- Implementing an additional level of security to mitigate brute force attacks