Telework and computer security
At its core, the deployment of telework was not really thought of with the requirement of cybersecurity.
Businesses have thought much more productivity and less security. This leads to the use of personal terminals in the workplace, unsecured connections to unprotected networks, and the use of weak authentication methods for access to certain internal systems. A situation that is more than advantageous for hackers. Beyond digital risks, the risk of having computer equipment stolen is not to be overlooked in the context of telework. It may also be that a careless employee leaves access to this material within everyone's reach that allows people here to use it in an unsuitable manner.
This article will also interest you: The majority of employees want to continue teleworking
"Telework increases the entry points into a company's computer system, but also the attractiveness of the flows to hackers, because more strategic information is in circulation. Solange Ghernaouti, a professor at the University of Lausanne who specializes in computer security. "To be safe is to close, to restrict. To fight a pandemic, we confine ourselves, we wear a mask. To combat cyber attacks, we must abandon certain practices that are not secure," adds the specialist.
As we know, it only takes a small situation for it to be used for the benefit of cyber criminals. Solange Ghernaouti points out that "Cyber criminals see opportunities everywhere. ». According to the professor, computer security needs to understand the culture aspect. Something that is instilled through education. It's not something that can be set up in a day or on a whim. "Safety is above all a matter of culture and education," insists the specialist, "but it is not built in a day. The larger companies, which already allowed telework or had nomadic employees, were obviously better equipped than SMEs that had to move to work remotely in a hurry," says Solange Ghernaouti.
According to the specialist always, we should put aside approaches that rhyme with ease. For indeed: "If you use simple and free software like Zoom to make video conferencing, you get what you pay for, that is, you have no security." This means protecting yourself requires a lot of effort and renunciation. "To be safe is to close, to restrict. To fight a pandemic, we confine ourselves, we wear a mask. To combat computer viruses and cyberattacks, we must abandon certain practices that are not secure and anticipate," the expert explains.
In addition, employee awareness plays a very important role in defining any cybersecurity strategy. beyond awareness it is recommended training. According to the cybersecurity professor, computer security should be added as an integral part of the school computer curriculum. This is something to consider in the long term: "The biggest problem is that we always respond in an emergency, like firefighters. We have not anticipated security constraints and needs enough, we are not proactive enough, we do not have a long-term forward-looking vision. It will be decades before this becomes practice. notes Solange Ghernaouti.
Vice-President Stéphane Koch of Immuniweb, a Swiss it security company, said European legislation could be a problem in the fight against cybercrime. They feel that it is not at all adapted to the current context. "In the European Union, a company that has a security breach is liable to a fine, which is equivalent to a portion of its turnover. In Switzerland, companies are not sufficiently legally responsible to bear the consequences in the event of it security laxity," he explains.
On the other hand, we should not forget another important point. computer incidents as a result of cybercrime can lead to the bankruptcy of a company. And there is no shortage of examples. "Someone pretended to be the head of the company and managed to get the payment of 1.6 million euros abroad," explains Stéphane Koch. Some time later, the company went bankrupt and 44 people were unemployed.
Now access an unlimited number of passwords: