Today, it is part of everyday life for people to work from home, but eventually go to the office, or vice versa. Hybrid work environments are becoming increasingly important around the world.
Teleworking has become a competitive advantage for employees and corporations, as productivity has been maintained and, in some cases, has increased. However, more exposure to the internet also represents greater vulnerabilities to digital risks.
According to Panorama of Threats in Latin America 2021, made by Kaspersky, the home office it is one of the main attack vectors for consumers and businesses.
This report also establishes that, so far this year, cyberattacks have increased by 24%, compared to the first eight months of 2020.
In this context, it is important to emphasize that cybersecurity can never be guaranteed 100%, but it is possible to reduce risks if the necessary measures are taken and the advice of a cybersecurity expert is available, as this is the best way to avoid loss of information by users in hybrid work environments.
“Since the collaborators can be inside or outside the company network, the solutions endpoint security (protection of each endpoint device), allow us to monitor and follow up on everything that is happening from the users’ perspective ”, he says. Gustavo Chapela, director of KIO Cyber Security.
Also, it is important to use another authentication method. Normally it is suggested to implement the use of token (identifier), since a second factor of security, in addition to the password, will reduce the risks considerably.
Threats and recommendations
Currently, one of the most successful attacks is called business email compromise (BEC), because it is a scam that can be forwarded to thousands of people. As this is a social engineering threat, the main advice is for users to be cautious: do not reply to unknown recipients and do not share data and personal information on untrusted pages.
Ideally, workers should only respond to contacts that are a normal part of the business context. If we manage to have that awareness and generate that business culture, it is unlikely that we will fall into traps “, he assures Chapel.
It is also necessary to mention the ransomware, a type of attack that is generating a lot of impact in different organizations, since it hijacks the data of people or companies.
“Taking into account that virtual attacks are constantly evolving, we recommend that companies do an annual evaluation of new technologies. In addition, it is essential to have an update of the security systems and the IT infrastructure ”, he explains. Chapel.
Although updating systems seems obvious and trivial, not all corporations do it. Sometimes corporate applications depend on a certain version to function. In summary, every 12 months the security strategy should be reviewed. In addition, organizations should look for cybersecurity providers that provide 24/7 monitoring, with the aim that they can react in a timely manner to any threat.
Finally, Chapela lists the challenges and opportunities that companies have in the field of cybersecurity:
It must have personnel with technical knowledge of cybersecurity, since internally they are in charge of deciding, choosing and supervising the cybersecurity strategy.
It is relevant to assign an adequate budget. In many cases, companies have not had a planning process or have a small budget for IT security, making it very difficult to implement the necessary protection controls.
Investing in cybersecurity should be seen as a way to distinguish yourself from the competition and become a leader in the sector or industry, as this also gives companies an image of trust with their customers and suppliers.