[Video Review] Sitting Ducks: When Employees Work from Home

Hi this is Scott Young from Optrics Engineering and we understand that things are kind of rough out there with the current pandemic.

We wanted to start shooting some videos and things that we’re seeing on the networking side that might be of help to those of you out there who are managing their networks and trying to get everything under control in this new reality.

One of our partners is KnowBe4 and they do security awareness training.

They are very good at coming up with articles and here’s one that caught my attention that we posted on our Optrics Insider blog (http://www.OptricsInsider.com) that I wanted to tell you about and it has to do with this whole work from home new reality with your employees and in their view they’re sitting ducks when it comes to opening up security holes and so I wanted to talk to you about that and offer you some suggestions at the end.

Many users are finding themselves sheltering in place and are actually struggling with the technology and services that they really haven’t had much in the way of experience with because most people are used to going to their office spending their day there and then coming home and they do work at work and home is home.

The home computer environments aren’t nearly as secure and protected then at the office.

This also applies to students as well. The home environment isn’t necessarily as secure as the school environment or the office.

We have to remember that our employees and and their families are under a considerable amount of stress and this represents potentially severe security problems for organizations of all shapes and sizes and huge opportunities for malicious actors looking to worm their way into the networks of companies, government organizations and schools across the country.

Here is an example of a phishing email, which seems legit that could have easily been sent to any of one of your employees or somebody you know and it looks like it’s coming from the IT support desk.

It’s saying how to connect securely through a VPN connection, click here and use this password.

The user then clicks the link and they’re taken to what appears to be a legitimate Microsoft portal. One thing to note is that the hacker must be using Azure because the domain here is actually Windows.net so it totally looks legit, looks familiar and so lo and behold they go here they enter their login information and the hackers get it.

Now that’s a big problem and social engineering is nothing new. This has been around for a while and social engineering of course is where a hacker gets somebody to click a link or do something that they shouldn’t that gives the hacker access to the network, which bypasses the firewall and other security measures in place.

The way to beat this is to make sure that your employees know what not to click and to make them aware of what phishing attempts are out there.

What KnowBe4 does is they provide what they call “new-school security awareness training” and basically what it is is training that can be done online at work or home.

It shows you what phishing emails are and how to identify them and how hackers work and then what you could also do is you could simulate phishing emails.

You can create your own version of a phishing email and of course it doesn’t go to a malicious site and it doesn’t actually do anything because it’s just a simulation.

You can also keep track of who clicks and who doesn’t and who needs to be trained, and who has gotten the message on what not to click.

** Optrics Inc. is an Authorized KnowBe4 partner


Find out how affordable new-school security awareness training is for your organization. Get a quote now.


The original article can be found here:

https://www.optricsinsider.com/cyber-security/sitting-ducks-when-employees-work-from-home

Leave a Reply