All this has led to a blurring
Posted: Sat Feb 08, 2025 3:58 am
Many companies switched to remote work as a matter of urgency. The main requirement was to ensure the operability of the IT infrastructure and access to the information system so that the business would not stop and the company would continue to operate in the normal mode. For this purpose, temporary solutions were used, using non-optimal service connection schemes from the point of view of information security. Attention to information security was paid on a residual basis, since information security is a supporting process.
the external perimeter and increased opportunities for attackers. For example, according to Rostelecom-Solar, the number of services available via the RDP protocol increased by 15% in the first week of self-isolation alone, and the number of information systems brought to the external perimeter has also grown. Previously, these services were only available within the organization's network and were not subject to such a massive onslaught of password guessing attempts (brute force), exploitation of vulnerabilities for the purpose of penetration. Companies have installed new doors labeled "service entrance" without taking care to ensure their security or at least control, and now this has become a potential additional entry point for attackers.
It is also worth remembering that many belarus mobile database did not have time to purchase corporate laptops for employees for remote work. Others did not plan to do this, since office work was carried out on stationary PCs and the purchase of mobile computers could result in a complete upgrade of the PC fleet. Therefore, at the beginning of self-isolation, there was a shortage of equipment to provide corporate devices to all employees who switched to remote work.
the external perimeter and increased opportunities for attackers. For example, according to Rostelecom-Solar, the number of services available via the RDP protocol increased by 15% in the first week of self-isolation alone, and the number of information systems brought to the external perimeter has also grown. Previously, these services were only available within the organization's network and were not subject to such a massive onslaught of password guessing attempts (brute force), exploitation of vulnerabilities for the purpose of penetration. Companies have installed new doors labeled "service entrance" without taking care to ensure their security or at least control, and now this has become a potential additional entry point for attackers.
It is also worth remembering that many belarus mobile database did not have time to purchase corporate laptops for employees for remote work. Others did not plan to do this, since office work was carried out on stationary PCs and the purchase of mobile computers could result in a complete upgrade of the PC fleet. Therefore, at the beginning of self-isolation, there was a shortage of equipment to provide corporate devices to all employees who switched to remote work.