Thanks to the COVID-19 pandemic, working remotely is now a new normal for most businesses across the world. While keeping the workforce safe from the pandemic, this rapid shift to remote work culture is also blurring the boundary between our professional and personal lives. Many employees are now struggling to provide childcare during work hours, while some are using their personal devices to fulfill their work duties. This shift is changing the role of IT security and employers are now bending over backward to ensure a secure work environment for their growing remote workforce. But how exactly how is this changing network boundary posing new security risks? Let us find out. The Changing Network Boundary and BYOD Pose New Security Concerns Cybersecurity risks are looming everywhere and securing remote workplaces require extra stringent policies in place. Here are some common issues faced by employers due to this sudden transition to a remote workforce: Uninterrupted Connectivity: Businesses must ensure their remote workers are constantly connected to the corporate network. This means the VPN is always accessible, and there are no hardware or software-related issues. Most organizations are now forced to move away from a traditional data center environment and [...]
Dreamtime attended the excellent pop up Art Expo held by Willyama as part of NAIDOC Week. We will be proudly displaying this amazing piece by #selinanumina in our offices for everyone to enjoy!
Background We have a client who we provide a base level service to. We are responsible for ensuring their desktops are operational and their employees have the capability to log in to their emails, with all other services being provided by another agency. What Happened Recently, we received a call from one of their employees stating that their emails had stopped working. After some initial investigation it was discovered that Microsoft had blocked their account due to the fact that it had hit the threshold for emails being auto-forwarded. This piqued the interest of our security analyst who investigated further and discovered that emails were being forwarded from the O365 account to a gmail account since 15 July. After discussing with the client, this email address was not known to them. Our analyst then disabled the rule within their email account and examined their emails for anything suspicious that may have arrived around the date the rule was first created. This is when our analyst discovered this little gem: As you can see, the email preys on the complacency of users by telling them they can bypass password change requirements by clicking on the link and logging in. This [...]