Many companies are working from home after the coronavirus outbreak. While the number of people working from home in Turkey can reach 2 million, employees accessing remotely to company networks are the target of cyber hackers.
*** This release is originally published in Turkish.
Google Translate Application translates the content you see on this page.***
ISTANBUL (TR) - Starting in China and spreading to more than 120 countries on all continents except Antarctica, Covid-19 coronavirus (coronavirus) is forcing companies, not just individuals, to take precautions. The decision to work from home by global companies such as Google, Facebook, Amazon and Mastercard following the World Health Organization's “pandemic” announcement is rapidly becoming widespread in Turkey, as are many countries where the virus has been seen. These regulations by companies are aimed at protecting community health, while also raising cybersecurity challenges. Employees who provide remote access to company networks could be the new target of cyber hackers.
Following the outbreak of the Coronavirus in Turkey, companies turning to work from home for precautionary purposes will increase in the coming period, said artuğ Tikic, executive vice president of Berqnet Firewall, a manufacturer of domestic cybersecurity products, which could also increase cyber-attacks. Tikic: "According to the latest data shared by the European statistical office (Eurostat), the proportion of people working from home in Turkey was 2.2 per cent compared to about 632 thousand people. With the measures taken by the companies against the outbreak, it is possible to increase this number to over 2 million. As a matter of fact, many companies are making a decision to work from home, and it remains unclear how long these measures will last. This means that at least 2 million people will have remote access to their companies and could be targeted for cyber attacks if necessary measures are not taken.”
Emphasizing that cybersecurity vulnerabilities arising from the unconscious use of employees may also allow attackers to access the corporate network, Tikiç said: “Cybercriminals may cause corporations to suffer great financial losses by performing similar attacks such as phishing attacks or crypto viruses. It should be kept in mind that malicious hackers are targeting corporate employees over these insecure networks regardless of their small/large target. At this point, it is critical to use a firewall device and antivirus application in the office network for secure remote access, to comply with the corporate security policies of employees, and to use VPN and similar encrypted communication methods while connecting remotely to the corporate network. Otherwise, the risk can be taken quite seriously.”
Tikic warned both companies that will provide remote access to the corporate network and employees who will provide access to the network about steps to be followed. 5 measures to be taken by home workers:
1- VPN usage must be mandatory
VPN usage must be made mandatory in remote access. Connecting to the office network via remote desktop connection method without VPN access should be prevented. Corporate security procedures should be applied in the same way for privacy protection and system continuity in VPN access. The rights and privileges defined for the user connected by remote access must be the same as the local computer privileges.
2- Powers should be arranged correctly
Whatever solutions are used for remote access, access permissions must be properly configured. It should be ensured that the employees are limited only to the systems that they need to access and that the access information can be recorded and tracked on the firewall device in the corporate network.
3- Access information should be kept confidential
Remote access connection information of the employees of the institution should not be shared with others. Remote access applications and passwords of persons who are dismissed from the institution should be disabled immediately.
4- Security verification should not be neglected
Two-step security verification, called 2FA, should be used for accessing high-importance systems. For remote access, users must be granted connection permissions for specific days and times.
5- A well-structured firewall device should be used
The operating system patches of the computers that will remotely access the corporate network must be complete and antivirus software must be up to date. In addition to all these, a firewall device that provides a well-structured and ideal security environment should be used, which ensures that access records are kept in accordance with the 5651 numbered legislation.
Contact: Tülay Genç | [email protected] | +90 (850) 885 12 55