Cookie theft, real-time phishing and MFA fatigue attacks threaten multi-factor authentication, which has long been considered unassailable.
Everyone who can, works from home every now and then. Maybe even for a few weeks or months from a wonderful lighthouse in the Azores. The only thing that might spoil it is an IT security problem or cybercriminals wanting to make friends. That could ruin my day. What about you?
The pandemic was difficult, but some good has come out of it: I can still work at home or anywhere else, on the Baltic Coast or at Lake Constance. Only if I want to be productive for the company abroad while enjoying the Azores in winter, then I have to discuss this with the HR manager and my boss. With just a bit of bureaucracy, I can enjoy the view of the Atlantic from my desk, pick up a dragonfish fresh from the boat at the end of the day – and grill it in the moderate evening breeze.
I wouldn’t want to give up these possibilities, even if I’m not living the dream. I am not alone in this feeling: An acquaintance even declined a lucrative job offer because he was supposed to work 50 percent of his time in the office. One day in the office a week would be the maximum he is prepared to accept.
It is not only my friend who has become accustomed to these freedoms. We all know the surveys: Almost everyone whose tasks allow them to work from home wants to do so – at least a few days a week. I no longer have to worry about justifying working from home to colleagues. It's just nice that I'm not alone with all the benefits and concerns of remote working: We're a community! Maybe you could even call us ‘homies’. Our motto: Work hard. Enjoy life.
Usually everything is fine.
Thinking of everything that everyone who works from home has in common comforts me. I can talk to my colleagues via video call, meetings are online and there are breakout rooms for select conversations. It’s amazing what is possible now and how complex IT has become.
My company hasn’t left me in the dark either: I just need to take care of the internet. I need a good connection where I work. The company provides the laptop, software and the security.
It's good that their enterprise VPN solution is also suitable for the cloud, because I need secure remote access to the server, where all the data I work with is located. I need this and access must be secure. If something went wrong, it could mean the end of working for home for me and I might even have to change company to continue working remotely. But that’s unlikely to happen. Joking aside.
I know our IT is on my side. Somebody from the IT department recently told me how much VPN can do: SASE, Single Sign On, SD-WAN and Zero Trust. VPN provides secure data communication in all these concepts and ensures that data is encrypted on its way to the corporate network. If you want to know more about these concepts, you’ll need to read up on them in our blog but to get you up to speed: SASE means Secure Access Service Edge and combines everything possible in a cloud-based solution. SD-WAN (Software Defined Area Network) connects company sites around the world. Everything is connected, even when working from home. We are all still pulling together. Me and all the homies.
My friend with the funny accent.
Everything is different working from home. Even me. My VPN is less of a risk than I am: It offers user and device authentication, automatic updates, multi-factor authentication and endpoint policy checks, which check every login attempt and security on end devices – while I still trip over the carpet. I’ve started to realize that if the IT department tells me that I am the biggest security risk, they might have a point. The other day I received an email that was so well done that I almost fell for it. Fortunately, I moved my mouse over the link and saw that it led to a completely different page. I immediately deleted the email. I'm not really that stupid.
But it reminded me that you are never really alone working from home. Cybercriminals want to be my friend. They even call me. They try to flatter me: My rank at Mortal Combat was so great, they wanted to buy the account and just need a few details. They have strange accents. Good thing I'm not greedy. And don't play the game at all. But it might work on Discord, you need to be careful. The other day there was a Russian guy who wanted to help me with a strategy game. I had asked for help in the chat. But things didn’t work out. He said: Let me take a look at your PC via TeamViewer, you just need to download it: here’s the link... I shut him down. Not with me. My boss from Brazil dropped in too. He said that he was brokering an important deal and really needed data he didn’t have to hand. It was a matter of life and death! Only we don't have a branch in Brazil and if we had one – well. I would have brought a colleague into the picture via a conference call. There’s always time to verify.
It ended right there.
If I detect a scam, I'll slam the door. Do the same – because every home office has a door that you can close. And technology that makes sure we are never really alone.