FEATURE : MODERN WORKPLACE
Remote work has also forced organizations to invest more heavily in cloud services to ensure employees can access corporate data and resources regardless of their location , making SaaS apps and cloud services a prime target for attackers . Additionally , it ’ s much harder to monitor employees ’ activities outside of the office and thus , more challenging to mitigate potential attacks . Lastly , employees ’ increasing use of unprotected home computers and Wi-Fi routers with default passwords provides many new ransomware opportunities for bad actors .
But what ’ s the difference between an attack on a corporate network vs . the cloud ? A ransomware attack on a corporate network usually occurs in the form of a malicious app that runs a malicious script on a local PC or corporate server . It encrypts data and then
IN MANY CASES , GUESTS AND EVEN FAMILY MEMBERS COULD ACCESS A CORPORATE LAPTOP THROUGHOUT THE DAY .
Dmitry Dontov , CEO and Chief Architect of
Spin Technology spreads to other PCs and servers . In the cloud , there are two ways to encrypt SaaS data . The first is through a syncing app that connects your local device with your cloud environment . The second is through a malicious OAuth app or browser extension with access to your SaaS data via API . More on best practices for detecting and preventing cloud ransomware later .
So how can companies limit the impact of infections on remote workforce devices ? Today , many device management tools allow you to install VPNs or antimalware software remotely , create security policies , prevent employees from visiting suspicious websites , and monitor and manage employee devices – often from one centralized cloud-based dashboard . On top of that , you need to implement an activity log monitoring solution that uses AI to intelligently scan and identify behavior anomalies such as abnormal GeoIP login , brute force attacks , etc . For organizations with growing remote workforces , this is a ‘ must-have approach ’ to protecting sensitive corporate data and keeping work-from-home employees from causing security disasters that could impact the entire organization .
Unfortunately , parts of security education and training just aren ’ t working . A lot of security training platforms and programs don ’ t adequately cover remote work risks . In the world we live in today , these programs must educate employees on how to securely use their devices in potentially vulnerable home environments .
For example , most employees today need to know how to update router admin passwords , monitor and manage connected devices , and more . And , these training programs don ’ t cover best practices for protecting company devices from non-employees that can easily gain access . In many cases , guests and even family members could access a corporate laptop throughout the day , creating yet another concern for SecOps teams to manage .
So , what is the best way to approach modern ransomware prevention ?
1 . Start by understanding how criminals get access to mission-critical assets . Attackers usually introduce ransomware through phishing emails , removable media , malicious file
42 INTELLIGENTCIO LATAM www . intelligentcio . com