Remote-access Guide

breaches that were a result of companies allowing remote access

by Jacky Hane Published 2 years ago Updated 2 years ago
image

How common are security breaches caused by remote workers?

Company telemetry and a survey conducted with 200 IT and cybersecurity professionals suggest that since the start of the pandemic, remote workers have caused a security breach in 20% of organizations.

Is your remote workforce putting your company’s data at risk?

Working remotely is convenient, but remote employees may unintentionally put your company’s data and networks at risk. Unsecured wi-fi connections, unattended computers, and data breaches are just some of the potential negative impacts a company may experience.

What are the most common causes of data breaches at work?

Phishing attacks are widely recognized as the top cause of data breaches. Hackers can easily send seemingly legitimate, deceptive emails with malicious links and attachments. Once an employee clicks on this malicious link, a hacker is able to gain access to the employer’s device.

How will GDPR affect remote employees?

Remote work means an employer has less control and visibility over employees’ data security. GDPR mandates that companies protect personal information and reduce the risk of data breaches through various security measures, but handling it for remote employees is challenging.

What percentage of respondents admit they're using personal devices for work-related activities more than their work-issued devices?

What percentage of respondents say they faced a security breach as a result of a remote worker?

About this website

image

What are the top 3 data breaches?

Top 10 Data Breaches of All Time [Infographic]1. Yahoo – 3,000,000,000 records lost. ... River City Media – 1,370,000,000 records lost. ... Aadhaar – 1,100,000,000 records lost. ... Spambot – 711,000,000 records lost. ... 5. Facebook – 533,000,000 records lost. ... Syniverse – 500,000,000 records lost. ... 7. Yahoo – 500,000,000 records lost.More items...•

What are the 4 common causes of data breaches?

The 5 most common causes of data breachesWeak and stolen credentials. Stolen passwords are one of the simplest and most common causes of data breaches. ... Application vulnerabilities. ... Malware. ... Malicious insiders. ... Insider error. ... Secure your organisation with penetration testing.

What are some notable recent breaches?

data breach. In May 2019, First American Financial Corporation reportedly leaked 885 million users' sensitive records that date back more than 16 years, including bank account records, social security numbers, wire transactions, and other mortgage paperwork.

What was the biggest data breach in history?

YahooYahoo holds the record for the largest data breach of all time, with three billion compromised accounts (Statista). In 2019, Facebook had 540 million user records exposed on the Amazon cloud server (CBS). In 2018, a Marriott International data breach affected roughly 500 million guests (New York Times).

What is an example of a data breach?

Data breach example #4: LinkedIn 165 million accounts. What happened? Social media platform, Linkedin, suffered a data breach that compromised the personal information of 165 million user accounts. The data has since been reported as up for sale on the dark web marketplace.

What are the top five causes of security breaches in order?

Data Breach 101: Top 5 Reasons it HappensCause #1: Old, Unpatched Security Vulnerabilities. ... Cause #2: Human Error. ... Cause #3: Malware. ... Cause #4: Insider Misuse. ... Cause #5: Physical Theft of a Data-Carrying Device.

What are the top 3 biggest data breaches so far in 2021?

The biggest data breaches of 2021Comcast (1.5 billion)Brazilian resident data leak (660 million)Facebook (533 million)LinkedIn (500 million)Bykea (400 million)

What company recently had a data breach?

In September 2021, Neiman Marcus discovered a data breach that had occurred in May 2020. The hack involved approximately 4.6 million online customer accounts and included data on their payment cards – including expiration dates – as well as other personal information.

What companies have been data breached?

The 10 biggest data breaches of all time1) Yahoo. Date: August 2013. ... 2) Marriott Hotels. Date: November 2018. ... 3) FriendFinder Network. Date: November 2016. ... 4) MySpace. Date: May 2016. ... 5) Twitter. Date: May 2018. ... 6) Deep Root Analytics. Date: June 2017. ... 7) MyFitnessPal / Under Armour. Date: February 2018. ... 8) eBay.More items...

Has Google ever had a data breach?

In March 2018, Google developers found a data breach within the Google+ People API in which external apps acquired access to Profile fields that were not marked as public.

How many times has PayPal been breached?

In the meantime, they've blocked customers who signed up for two-factor authentication from logging in to their PayPal account through the PayPal mobile app and certain other mobile apps until the flaw is fixed. With 148 million active users, PayPal has never suffered a major data breach.

Who is the No 1 hacker in world?

Kevin Mitnick is the world's authority on hacking, social engineering, and security awareness training. In fact, the world's most used computer-based end-user security awareness training suite bears his name. Kevin's keynote presentations are one part magic show, one part education, and all parts entertaining.

Why data breaches may happen?

The vast majority of data breaches are caused by stolen or weak credentials. If malicious criminals have your username and password combination, they have an open door into your network.

What is the most common cause of security incident?

Phishing is still the leading cause of security incidents.

How common are data breaches?

The US suffers from the most data breaches In 2021, 212.4 million users were affected (compared to 174.4 million in 2020). In second place was Iran, with 156.1 million breached users in 2021 (up from 1.4 million in 2020).

What type of information is the most frequently exposed in a data breach?

Common data breach exposures include personal information, such as credit card numbers, Social Security numbers, driver's license numbers and healthcare histories, as well as corporate information, such as customer lists and source code.

What percentage of respondents were positive about the transition to remote working?

Roughly 75% of survey respondents were positive about the transition to remote working, but 45% said that no additional security checks or audits were performed to check the security posture of these necessary changes. In addition, while 61% of organizations did provide their staff with remote working devices, 65% did not consider the deployment of any new security tools together with the equipment.

Why did the enterprise need to make sure members of staff had the right equipment as well as network and resource access?

In the clamor to ensure employees could do their jobs from home , the enterprise needed to make sure members of staff had the right equipment as well as network and resource access.

What is standard user privilege?

Standard user privileges are suitable enough to allow a user to download a plugin and integrate a backdoor and keylogger to the system. Privilege misuse is thus one of the most common, yet the most dangerous types of access control breaches that need to be monitored adequately.

What is privilege misuse?

Privilege Misuse. One of the significant types of access control breaches occurs by the hands of the employees within an organization. You can deploy the best access control system for your organization, but a malicious employee can easily misuse their privilege to gain access to the most critical data of the organization.

What services can be used to breach a user's workstation?

During an active session, attackers can easily utilize network services such as remote access, SVN, FTP, TFS, GIT, and SSH to breach the workstations of users with higher privilege.

Why do organizations deploy access control systems?

Most organizations deploy extensive access control systems to keep breaches at bay. However, these systems can sometimes have huge weaknesses that leave doors open to disaster.

What is domain account?

Domain accounts allow users to access the network services of a corporate network. The access to network services is usually provided by default to domain accounts. Hence, if an infected user or a malicious insider has access to the corporate database, then it is easy to breach the corporate data.

What is a poor access control mechanism?

A poor access control mechanism causes outsiders to gain unauthorized access to organizational data. Outsider breach can be attributed directly to a lack of proper access control mechanism. Sometimes, admin privileges can be poorly monitored within an organization.

Why do people work remotely?

Some employees work remotely permanently while some do so occasionally. While remote work serves the purpose of improving the quality of life and productivity, it comes with a cost to organizational security. There are two cases when remote work can serve to pose a threat to organizational security:

What happened to Marriott in 2020?

In January 2020, hackers abused a third-party application that Marriott used to provide guest services . The attackers gained access to 5.2 million records of Marriott guests. These records included contact information, gender, birthdays, loyalty account details, and personal preferences. Marriott’s security team noticed suspicious activity and sealed the insider-caused security breach at the end of February 2020.

How much does insider attack cost?

For these reasons, insider attacks result in devastating losses for organizations. The total average cost of insider-related incidents is $11.45 million according to the 2020 Cost of Insider Threats: Global Report by the Ponemon Institute.

What did GE steal?

Two employees of General Electric (GE) stole data on advanced computer models for calibrating turbines the company manufactured. They also stole marketing and pricing information for promoting this service.

What did the former Cisco employee use his knowledge of?

The former Cisco employee used his knowledge of Cisco’s security mechanisms and abused their weaknesses to gain access to cloud infrastructure and deploy his code. Apparently, access to sensitive resources wasn’t protected with two-factor authentication or other access management tools.

Why is Marriott facing penalties?

Marriott may face severe penalties because the stolen data included personally identifiable information.

What is an insider?

The National Institute of Standards and Technology Special Publication 800-53 defines an insider as “ an entity with authorized access ... that has the potential to harm an information system or enterprise through destruction, disclosure, modification of data, and/or denial of service.

How long was the Microsoft database publicly accessible?

The database was publicly accessible for about a month. Microsoft secured it the same day the breach was reported.

What is a crisis in third party remote access?

SecureLink and Ponemon Institute today released a new report titled “A Crisis in Third-party Remote Access Security”, revealing the alarming disconnect between an organization’s perceived third-party access threat and the security measures it employees. Findings revealed that organizations are not taking the necessary steps to reduce third-party remote access risk, and are exposing their networks to security and non-compliance risks. As a result, 44% of organizations have experienced a breach within the last 12 months, with 74% saying it was the result of giving too much privileged access to third-parties.

Why are organizations not evaluating the privacy and security practices of third parties?

Source and select: Reliance on reputation is the most common reason that organizations are not evaluating the privacy and security practices of third-parties, according to 63% of respondents.

Who conducted the Ponemon study?

The study was conducted by Ponemon Institute on behalf of SecureLink and includes responses from 627 individuals who are involved in their organization’s approach to managing remote third-party data risks. Respondents are based in North America, spanning six industries, including financial services, health and pharma, public sector, services, and industrial and manufacturing.

Is third party remote access a priority?

The report highlighted that while many organizations view third-party remote access as a security threat, it is not a priority — even despite the increasing volume and sophistication of cyberattacks happening around them.

How to protect printers from remote employees?

To protect printers, remote employees can disable WiFi printing on their home printers, turn off printers when not in use, and avoid printing corporate documents at home. Companies can help by excluding personal printers from VPN connections, thereby preventing employees from printing in the first place.

How to protect remote workers?

One solution to protect remote workers using unsecured personal networks is to deploy VPNs as they allow companies to provide secure connectivity between devices, such as a personal computer or smartphone and the corporate network. They typically encrypt data “in transit” so hackers can’t steal the data as it travels across an untrusted network. They provide another layer of remote working data security against misconfigured or unpatched devices since most people don’t keep their devices updated. A VPN can also help IT security teams monitor and filter employees’ network traffic for legal and security reasons. VPNs can be used to protect connections made by computers, laptops, and smartphones.

How to protect home WiFi?

The easiest solution to protecting a home WiFi network is to change the default WiFi password and change it regularly. Also, anonymizing the WiFi network name (the service set identifier or SSID) is a more secure option, especially for remote workers living in urban areas where many networks are available. Avoid including personal or other identifying information in the name to make it harder for hackers to know who it belongs to.

Why should password policies be documented?

Documented password policies can help foster a sense of responsibility with remote employees and combat most employees’ poor password choices. Bans on using personal information in passwords and repeat passwords for account logins can also help reduce the risk. All employees should be discouraged from using personal information in their passwords. Hackers can find this information easily online through social media and other online sources.

What devices can hackers use to print?

Another device that’s become popular with hackers is the personal printer . Today’s WiFi printers have multiple features that make printing easier and have serious security gaps hackers can exploit. Not only that, when remote workers print business documents from personal printers, they often don’t have access to secure shredding services like they do at the office. Printing anything puts corporate information at further risk.

Why do companies use 1Password?

Companies can also use a password manager solution like 1Password to help remote employees store their passwords securely while reducing the number of passwords they need to remember.

How does phishing work?

Phishing attacks often rely on topical stories to exploit people’s fears and emotions to get them to open malicious attachments or click links to spoof sites. The scams are designed to fool people into handing over login details or downloading malicious software that gives criminals access to the computer. These emails have become so sophisticated that it’s increasingly difficult for employees to detect them, especially if they make it past the corporate email filters into their inboxes.

What is the first step in remote work?

The first step is to create a security policy specifically designed for remote workers. 93% of the IT professional interviewed in the OpenVPN study already have a formalized remote work policy in place and this is quite impressive and reassuring.

Why do I need a VPN?

VPN. VPN connections are crucial when your employees connect to unsecured networks, such as Wi-Fi hotspots, even when they work from home. It’s recommended for your employees to be using your company’s VPN. What this tool does is route the traffic through the internet from your organization’s private network, ensuring even more security.

Why do cybercriminals crack passwords?

Cybercriminals are aware that human error is easier to exploit than trying to get past an advanced security solution, which is why they will attempt to crack account passwords in order to access private company data.

Why is a firewall important?

A firewall will prevent unauthorized access to and from the network, further strengthening the security of your employees’ devices. What firewalls do is monitor network traffic, at the same time finding and blocking unwanted traffic. So, firewalls are important tools that will protect your remote endpoints against various cyber threats.

What are the essential security clauses that should be included in your remote work policy?

Below are the essential security clauses that should be included in your remote work policy: Clearly define which positions are eligible for remote work. Be transparent towards your employees. Everyone should be aware which job functions are allowed to work remotely are which are not due to security reasons.

What are the tools that both regular and remote employees should have installed on their devices?

Here are the fundamental tools that both your regular and remote employees should have installed on their devices: 1. Multi-factor authentication. This type of authentication will act as an additional layer of security on top of your remote employees’ accounts.

What is the biggest threat to network security?

Your employees who work remotely can become the biggest threat to your network’s security. By unknowingly following cybersecurity worst practices, employees can actually be the ones giving threat actors access to your network and your company’s private information.

What is the most common cause of data breaches?

Phishing attacks are widely recognized as the top cause of data breaches. Hackers can easily send seemingly legitimate, deceptive emails with malicious links and attachments. Once an employee clicks on this malicious link, a hacker is able to gain access to the employer’s device.

Is working from home mandatory?

Since working from home is mostly mandatory , businesses must rapidly ensure the security of every device. “Employers should discard hardware-based legacy VPNs in favor of cloud-agnostic and scalable network security solutions,’’ suggests Sivan Tehila. “Legacy VPNs can leave gaping holes in your remote security efforts, as they are difficult to deploy and configure, and moreover, they lack the ability to effectively secure policy-based remote access to on-premises resources, hybrid cloud environments, and business applications.” Another key element, she adds, involves virtual training: “Companies should carry out virtual training for team members to educate them on what to do in the event of a cyber-attack and what potential risks they should watch out for, such as suspicious emails, malware, etc.

Can a simple password be cracked?

Simple passwords are incredibly easy for hackers to crack, and furthermore, if an insecure password is used across several platforms, it allows hackers to gain unauthorized access to multiple accounts in a very short period of time.

Is working from home a risk?

Cyber Security Risks. Getty. Yes, it is lonely, it may not be as productive, but there is are much-bigger challenges than these. Apparently, working from home can actually put businesses at risk. While some businesses have a good enough cyber and network security system in place, many are not aware of the risks involved in connecting remotely.

Is Forbes opinion their own?

Opinions expressed by Forbes Contributors are their own.

What percentage of respondents admit they're using personal devices for work-related activities more than their work-issued devices?

In addition, 28 percent of respondents admit they're using personal devices for work-related activities more than their work-issued devices, which could create new opportunities for cyberattacks. This figure becomes more problematic next to another survey finding, which indicates that 61 percent of respondents’ organizations did not urge employees to use antivirus solutions on their personal devices.

What percentage of respondents say they faced a security breach as a result of a remote worker?

In fact, since the start of the pandemic, 20 percent of respondents say they faced a security breach as a result of a remote worker.

image
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9