The internal data collected by Bitdefender shows that certain employee habits are very difficult to change, and the fact that most people now work from anywhere only makes the situation worse.
Before the COVID-19 pandemic broke out, most employees were protected by the company's security systems; now the protection of IT infrastructure depends on their behaviour and on the correct configuration of the network and devices they work on.
"Eliminating all vulnerabilities in an attack chain is very difficult, especially when that chain includes people. But by using clear security policies and adopting measures specific to each industry, it is possible to limit them and turn work from home into a much safer activity," says Silviu Stahie, IT security analyst at Bitdefender.
Underestimating the importance of passwords, a capital sin in IT security
Passwords remain the key to the main gateway into computer systems, and at the same time they are one of the security measures that depends most directly on the human factor. In cybersecurity, people are the weakest link in the attack chain, as confirmed by recent studies showing that 80% of computer breaches were made possible by weak passwords or by passwords stolen in an attack.
Every company has well-defined security policies, but these must be adapted when employees work outside the premises. Unfortunately, the importance of security policies is underestimated in many organizations, and this is one of the main reasons why employees get away with negligent habits such as reusing passwords.
The main way organizations can prevent the reuse of old passwords is to implement restrictive company-wide security policies that rule out such practices, and to educate employees continuously about the risks to which they are exposed.
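The following script is an added example, not part of the Bitdefender report: it reads the default domain password policy and reports the settings that permit the habits the text warns about (password reuse, short or simple passwords). It assumes the ActiveDirectory PowerShell module is installed and the caller can read the domain; the thresholds and the findings wording are this script's own choices, not figures from the report.

```powershell
# Added audit example (not from the Bitdefender report). Assumptions: the
# ActiveDirectory module is available and the account running it can read the
# default domain password policy. Thresholds are the reviewer's own choices.
Import-Module ActiveDirectory

function Get-PasswordPolicyFindings {
    param(
        [int]$MinHistory = 24,   # previous passwords the directory remembers (blocks reuse)
        [int]$MinLength  = 14    # minimum length the reviewer considers acceptable
    )
    $policy   = Get-ADDefaultDomainPasswordPolicy
    $findings = New-Object System.Collections.Generic.List[string]

    # Reuse of old passwords is only prevented while they stay in the history.
    if ($policy.PasswordHistoryCount -lt $MinHistory) {
        $findings.Add("PasswordHistoryCount is $($policy.PasswordHistoryCount): users can return to an old password after fewer than $MinHistory changes.")
    }

    # A zero minimum age lets a user change the password repeatedly in one sitting
    # to flush the history and land back on the original one.
    if ($policy.MinPasswordAge -eq [TimeSpan]::Zero) {
        $findings.Add('MinPasswordAge is 0: the password history can be cycled through at will.')
    }

    if ($policy.MinPasswordLength -lt $MinLength) {
        $findings.Add("MinPasswordLength is $($policy.MinPasswordLength): below the $MinLength-character baseline.")
    }

    if (-not $policy.ComplexityEnabled) {
        $findings.Add('ComplexityEnabled is false: trivially guessable passwords are accepted.')
    }

    # Reversible encryption stores passwords in a recoverable form in the directory.
    if ($policy.ReversibleEncryptionEnabled) {
        $findings.Add('ReversibleEncryptionEnabled is true: stored passwords can be recovered in clear text.')
    }

    return $findings
}

$results = Get-PasswordPolicyFindings
if ($results.Count -eq 0) {
    'No findings: the default domain password policy meets the audited baseline.'
} else {
    $results | ForEach-Object { "FINDING: $_" }
}
```

Each finding maps to a parameter of Set-ADDefaultDomainPasswordPolicy (PasswordHistoryCount, MinPasswordAge, MinPasswordLength, ComplexityEnabled), so the same property names can be used to correct the policy once the findings have been reviewed; fine-grained policies applied to specific groups (Get-ADFineGrainedPasswordPolicy) are not covered by this check and need to be audited separately.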
Incorrect configuration of IT systems in companies is one of the biggest problems. For example, Internet settings alone account for almost three-quarters of all misconfigurations in a company, and a quarter of them end up being used in cyber attacks.
Connecting from anywhere is more dangerous than previously thought
Working from home brought to the fore another problem, one that did not have the same magnitude before the pandemic. In many cases, employees connect directly to the company network through a protocol called Windows Remote Management (WinRM). Access to the company through WinRM is often necessary, but users' rights must be limited by well-defined policies. Unfortunately, 55% of all systems scanned by Bitdefender have WinRM vulnerabilities that attackers could exploit to compromise the network.
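As an added example (not code from the Bitdefender report), the script below audits the WinRM configuration of a Windows host for the kind of permissive settings the text refers to: unencrypted message bodies, Basic authentication, HTTP listeners bound to every address, a wildcard TrustedHosts list, and session configurations whose ACL admits broad principals. It reads the live settings through the WSMan: drive and Get-PSSessionConfiguration, so it assumes an elevated PowerShell session on a host where the WinRM service is running; which settings count as findings is this script's own choice, not a list taken from the report.

```powershell
# Added audit example (not from the Bitdefender report). Assumptions: run in an
# elevated PowerShell session on a Windows host with the WinRM service running
# (the WSMan: drive only exists then). The checks below are the reviewer's own
# hardening baseline, not settings named in the report.

function Get-WinRMAuditFindings {
    $findings = New-Object System.Collections.Generic.List[string]

    # Message bodies must stay encrypted even when the listener itself is HTTP.
    $allowUnencrypted = (Get-Item WSMan:\localhost\Service\AllowUnencrypted).Value
    if ($allowUnencrypted -eq 'true') {
        $findings.Add('Service\AllowUnencrypted=true: WinRM accepts unencrypted message bodies.')
    }

    # Basic authentication carries the credential in the request; Kerberos/Negotiate are preferred.
    $basicAuth = (Get-Item WSMan:\localhost\Service\Auth\Basic).Value
    if ($basicAuth -eq 'true') {
        $findings.Add('Service\Auth\Basic=true: Basic authentication is enabled on the service.')
    }

    # Each listener is a container whose child items hold Transport, Address, Port, ...
    foreach ($listener in Get-ChildItem WSMan:\localhost\Listener) {
        $props     = Get-ChildItem "WSMan:\localhost\Listener\$($listener.Name)"
        $transport = ($props | Where-Object Name -eq 'Transport').Value
        $address   = ($props | Where-Object Name -eq 'Address').Value
        if ($transport -eq 'HTTP' -and $address -eq '*') {
            $findings.Add("Listener $($listener.Name): HTTP transport bound to all addresses; prefer HTTPS or restrict the address.")
        }
    }

    # A '*' TrustedHosts entry disables server identity checks for non-Kerberos connections from this host.
    $trustedHosts = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
    if ($trustedHosts -eq '*') {
        $findings.Add('Client\TrustedHosts=*: every remote host is trusted for NTLM/Basic connections.')
    }

    # Session configurations carry the ACL that decides who may open a remote shell here.
    foreach ($config in Get-PSSessionConfiguration) {
        if ($config.Permission -match 'Everyone|Authenticated Users') {
            $findings.Add("Session configuration '$($config.Name)' grants access to a broad principal: $($config.Permission)")
        }
    }

    return $findings
}

$results = Get-WinRMAuditFindings
if ($results.Count -eq 0) {
    'No findings: WinRM settings match the audited baseline.'
} else {
    $results | ForEach-Object { "FINDING: $_" }
}
```

The session-configuration check is the one that speaks most directly to limiting users' rights: membership of the Remote Management Users group and the ACL on each configuration (editable with Set-PSSessionConfiguration -ShowSecurityDescriptorUI) determine who can connect at all, while the WSMan: settings only decide how the connection is protected once it is allowed.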
The data presented comes from telemetry collected in the first six months of 2020 from business endpoints protected with Bitdefender security solutions.
Recommendations for employees
Use your business computer for business purposes only and do not use it for personal applications or programs.
Avoid reusing old passwords or using a single password for all accounts, and make sure you use complex passwords that you renew regularly.
Use a high-performance security solution that can detect computer threats and block their installation on devices.
Do not connect work devices to public Internet networks; use mobile data or a VPN service instead.