But Why?
Office environments provide a certain level of security for data and resources. Desktop computers do not go home at the end of the day. Most rank-and-file employees will not have access to data from their homes. Moving from the cubicle to the home office requires that data be in use outside of the security of the office environment, increasing the risk of loss or compromise.
Where patient or confidential client data may go straight to the shredder in the office, at home it may go to the trash can in the kitchen. With the ability to work from anywhere, an employee may be using a more secure Ethernet connection at home on Monday, and on Tuesday the free Wi-fi at a busy coffee shop downtown. The increased risk of complacency needs to be met with increased security awareness, training, and management.
What Should We Do?
- Increase the frequency of security training – If your organization was on an annual or bi-annual rotation, consider quarterly trainings with supplemental emails or newsletters monthly
- Provide targeted training for the issues that increase organizational risk – data compromise, data destruction, device loss and security, and social engineering
- Define work from home security standards and expectations – where and how employees can access data and assets at work
- Utilize managed computers and cell phones that can be disabled if compromised
- Include social engineering testing in your next security assessment
How TCM Security Can Help
Our experts can assess your organization’s security training policy and provide valuable feedback on strengths and areas of improvement. TCM Security can provide targeted social engineering and phishing assessments to test your organization’s security posture and provide ways to remediate weaknesses and build upon strengths. For more information, contact us.
About the Author: Heath Adams
Heath Adams, also known as “The Cyber Mentor,” is the CEO of TCM Security. While Heath is an ethical hacker by trade, he also loves to teach! Heath has taught courses to over 1,000,000 students on multiple platforms, including TCM Academy, Udemy, YouTube, Twitch, and INE.
Heath has held many certifications, including CISSP, PNPT, QSA, GSNA, OSCP, ECPTX, and eWPT. He also holds an MBA degree.
Finally, Heath is also a husband, animal dad, tinkerer, and military veteran.
About TCM Security
TCM Security is a veteran-owned, cybersecurity services and education company founded in Charlotte, NC. Our services division has the mission of protecting people, sensitive data, and systems. With decades of combined experience, thousands of hours of practice, and core values from our time in service, we use our skill set to secure your environment. The TCM Security Academy is an educational platform dedicated to providing affordable, top-notch cybersecurity training to our individual students and corporate clients including both self-paced and instructor-led online courses as well as custom training solutions. We also provide several vendor-agnostic, practical hands-on certification exams to ensure proven job-ready skills to prospective employers.
Pentest Services: https://tcmdev.tcmsecurity.com/our-services/
Follow Us: Blog | LinkedIn | YouTube | Twitter | Facebook | Instagram
Contact Us: sales@tcm-sec.com