For more than 20 years, the cyber security industry has focused on enterprises rather than on the wider national integrated security environment – and certainly not on integrated homeland security. Smart devices that make life at home more comfortable are increasingly being used and implemented, but in general the industry continues to focus on operational reliability. Even when it comes to standards, the National Institute of Standards and Technology (NIST) focuses on business and federal government rather than its own country.
For example, the NIST Cyber Security System, a popular security system, is designed for businesses, not individuals. However, in many households today the number of devices and connections is greater than the number of small businesses 20 years ago. Households follow the same path as small businesses and, like them, need more attention and protection.
COVID-19 imposed organizational changes in no time, forcing a transition from a largely centralized work environment to a highly distributed infrastructure at home. This rapid transition from unprotected and unmanaged environments (IT, IoT, mobile, cloud, etc.) has made cybersecurity in organizations much more complex, while there has been a massive expansion of the digital attack surface. With many employees having to use personal devices for business purposes, organizations should now consider implementing policies that allow them to better control and manage these personal devices. The security issue that once focused on BYOD (bring your own device) has now been extended to BYEH – Bring Your Enterprise Home. We need new safety standards and practices to address this issue.
While my company and others had policies, management processes, controls, hardware and software to protect this new business ecosystem, they did so with the awareness that today’s home is a very inhospitable security environment.
In my own home, for example, there are many different systems of devices such as wireless lighting, smart locks, multiple smart televisions, multiple streaming devices, smart power sockets, wireless security systems, PDAs, wireless speakers, cameras, thermostats and other devices connected to the home control system. And that’s for adding computers, laptops, iPads and smartphones for all residents. A growing number of IoT devices are helping people turn their home into a smart home, but homeowners often don’t know how to secure these devices. In addition, many products do not interact or integrate with each other, making it difficult to identify security weaknesses.
Today, a bad actor can break into a house and steal valuables – a bank account, documents, mental health (by turning a smart light on and off at 3 a.m. and blowing music from connected speakers) – even without physically walking through the door. This is a serious problem for individuals, but even more so for companies and governments that want to work remotely in order to continue working during the VIDOC pandemic 19.
Take all the devices in each house, intelligent or not, multiplied by the federal government employees alone, and you get an idea of the size of the threat vector we created by asking employees to work from home. Then add government contractors who may have access to the same level of security as permanent staff. Then you will understand that this is not just a government matter, but a national matter in which companies and other organisations must ensure the security and remote access of their employees to company facilities.
Cybersecurity isn’t the only area we’re dealing with. For example, ISPs often prefer to support business customers in case of disruptions. For companies, the time between notification and resolution is measured in hours, while the time needed to resolve customer malfunctions is often measured in days. But now the line between what is a critical distant link and what is not is blurring. How does the organisation communicate with the ISP that a particular connection requires a critical allocation and a priority response? How can the concept of points of origin be extended within the infrastructure of a single company?
As a result, broadband access and network connection speed are more important than ever. Maybe it’s time for the Federal Communications Commission to reconsider its broadband designation, because 25/3 Mbps isn’t really suitable for a family with multiple children who take distance courses while mom and dad work from home.
KOVID-19’s waves of change have transformed homes into workplaces and made every connected device in the home a risk to every employer. Today it is not only a smart house, but also a remote office, a classroom, a doctor’s office and a gateway to shopping malls and grocery stores.
As we strive to adapt our economy and our country to the impact of the pandemic, it is also crucial to reconsider the safety of our homes to ensure that protection standards are met. Our apartments are now part of the surroundings of the company. For us as a nation, the time has come to see ourselves as such and adopt a security policy and practice that reflects the new reality of BYEH.
x3Cimg height=1 width=1 style=display:no src=https://www.facebook.com/tr?id=766537420057144&ev=PageView&noscript=1 />x3C/noscript>’) ;
f-secure login,f-secure download,samu konttinen,f-secure careers,f-secure offers,f-secure safe uk,pss cybersecurity siemens,charter of trust principles,work from home cyber security,proof point community,nasdaq:pfpt,why proofpoint,proofpoint customers,proofpoint jobs,proofpoint mission,focal point data risk,focal point data risk linkedin,focal point data risk blog,focal point academy,focal point privacy,focal point technology,isaca learning portal,what does isaca stand for,isaca training week,isaca free certification,isaca south africa,isaca promo code,small business cyber security solutions,small business cyber security plan,small business cyber security statistics,importance of cyber security in business,small business cyber security consulting,internal website security best practices,trend micro canada,otcmkts tmicy,trend micro hong kong,microtrends security,trend micro login,trend micro wiki,byod advantages and disadvantages,byod definition,byod security,is byod a good idea?,byod policy,how have organizations responded to byod?,f-secure,focal point cyber security,f-secure home,f-secure corporation,focal point company,fsecure offers,what does f-secure protect