There has been a marked increase in stories of high profile attacks on large companies and even some celebrities by ransomware operators and security experts say that if we don’t change our ways it is only going to get worse.
It comes down to how businesses have reacted to the COVID-19 pandemic and allowing workers to operate from home offices but not updating how they handle cybersecurity to cater for these changes.
Think of it like this.
Imagine a valuable treasure that is your entire wealth. The security of this treasure dictates your future and how well you will weather the coming business pressures.
Now think of that treasure locked up in a secure bunker with one way to get in and out. This entrance is secured and monitored. Your future looks pretty well secured against the challenges the world can throw at it.
The situation changes and the bunker is no longer accessible so you pick up your treasure and put into a large warehouse but this warehouse has many doors that belong to your employees. They are responsible for making sure the doors work and are secure.
All of a sudden, you can see how your business is at a significantly increased risk of a breach as the points of entry to access the treasure increases and you lose control of the doors themselves.
The treasure is the information and systems that run your business. The bunker is your office network security and the warehouse is the wider internet. Just making your office available to remote internet access is like moving your treasure into a massive warehouse and hoping that nobody stumbles across it.
This analogy hopefully illustrates the risks of working from home without the right technology in place. Your attack surface grows exponentially with every remote worker accessing your office via the internet and the results are already starting to show.
From accounting firms being breached and allowing cyber criminals to access the ATO and steal superannuation funds under new COVID-19 financial support to businesses like BlueScope Steel having to suspend global operations to clean up a ransomware attack and an increased number of attacks on small business. It is only a matter of time until we see the world’s largest attack in the headlines and experts expect that it will be in the next 6 to 12 months.
It is possible to make working from home safe. In our example we can connect the warehouse to the bunker with a tunnel which is a VPN that you control. Employees can still access the warehouse and you can control who uses the tunnel. This simple system enforces network security and still allows remote access.
If you want to know more, contact your IT provider or contact me directly.