Corona Virus | COVID-19 | nCov-19 Makes internet vulnerable
Published Date: 2021/11/14 by: DaVieS
 |
Making people work from home has a big security threat.
No Question dreams comes true to all hacker or cyber criminals.
Starting from human stupidity that thousands of webpages still have their .git repository on the root, now imagine if all people suddenly wants to work home.
Most of companies never prepared for this.
What to do or not?
Using VPN.
Yes VPN is secure but not all the case, for example what Windows provide by default PPTP or L2TP is not secure at all.
Instead like openVPN would be a great choice, but config does matter, strongly recommended to require peer certificate and also a password for.
But honestly, so many changes so many stress so less time, what will the users do? writing their credentials into a paper or a text file in the Desktop. So therefore why VPN? why anything if users do these kind of errors..
Using Remote Desktop
Now at this point the resource is outsourced with a local 'safe' machine which can be remotely used as Desktop for every user.
Now maybe time to buy some Microsoft stocks if they have for sale. This could be safe or safer than VPN for a normal 'Windows' user, but the companies have enough license? no, just crack -it <- another security issue by modifying Windows binaries or installing some unknown third-party software which makes deep system changes to hack out the RDP sessions.
So .. is there any option left? Okay SOPHOS & Active Directory & VPN combo, but this infrastructure if you dont have, you wont have enough time to deploy asap.
Okay smartass, then WHAT?
Question is what is the critical data to users have to keep their work?
- Really need that past 5 years of documents?
- Really need all the folders?
So in home office the users can work with limited resource, why dont just give their minimal DATA to keep their work at home? Why would you want to give them the whole DATA you have risking a leak or even-worse a trojan into the server over RDP, or a yummy ransomware.
Give them an enviroment whatever you choose with minimal data and focus the security as a CEO you should feel bad yourself over-time while they are working through the whole internet.
Make backup more frerquently and teach them.
This is a keyword, teach the users what they have to care over.
|
If you like the article then don't forget to share!
|
||
Big Concern: Facebook hack, Google Chrome V8 Hack, Meta Support
Many users experiences that their account leaked through Facebook Advertisement platform.The BOT change their names to Kevin Konkrete Davis and..
Maintenance
We are doing some regular maintenance at 22:00 - 02:00 UTC. Some services might be distrupted at this time. ..
FreeBSD Bhyve Webadmin | BVCP 1.9.8 Just Released
BVCP 1.9.8 features New protocol to transmit VNC/RFB data as encrypted and compressed.Better, faster and more responsive UI.Colored..
BVCP 1.9.8 Upcoming Features
We received a ton of feedback about our new project, BVCP.So here is a little description what we are working currently. The next release will..
Trackit-PortGuard just released
When implemented well, this software can be considered as two-factor pre-authentication.Therefore this is one of the most secure method to..
2022 annual report
Here we go another year passed away.We very well predicted the importance of energy efficiency. In the year of 2022 we faced a lot of challenges..
A dull attempt to hack into my email from Nigeria.
Seems like this amazing African country has some hacky potential, but so much to learn.The thing why is this attempt worth a blog entry, because..
BVCP 1.9.0 Released Today
A major version update released out today!This update address many requests and improves overall speed and performance. Highlight of this..
Energy Saving
We have been busy since expanding our services worldwide meanwhile in other hand helping reduce CO emission in industrial-scale levels. We..
Credits and Partners
All rights reserved nPulse.net 2009 - 2023
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD
