This is how secure co-working in the cloud works. Companies should minimize risks in order to better take advantage of opportunities. Digitization in German offices has really started off since Corona. According to a recent Bitkom study, almost all companies (95 percent) are vigorously promoting this process.
This is represented by the investments in Microsoft 365, which enables direct communication and collaboration between employees using the familiar Office products. But caution is advised, advises security expert Thomas Uhlemann from IT security manufacturer ESET. Many dangers are simply shifted from the company network to the cloud.
Opportunities and risks are close together
The (Microsoft) cloud enables a large part of the company's business processes and data to be processed and stored on external servers. On the one hand, companies have to worry less about failsafe, redundancies, backups, DDoS attacks, updates and more. On the other hand, users hand over some of the control and testing options - and that includes IT security.
This is not always advisable, as was recently shown by the example of the security gaps in Microsoft Exchange: “Criminals have long recognized the trend towards“ cloudification ”and concentrate their attacks on vulnerabilities in the most popular products. While Microsoft Exchange Server was last under heavy 0-day attack by several groups in March, it was the Microsoft SharePoint instances that the attackers vehemently focused on last year, ”says Thomas Uhlemann.
Real danger moves to the cloud
Companies should definitely use professional security solutions when using Microsoft 365. Because the dangers of ransomware, malware, SPAM, phishing or social engineering are still present in the cloud. What many managing directors do not know: Those who book Microsoft 365 do not receive adequate malware protection. Even cost-intensive additives, such as the in-house ATP (Advanced Threat Protection), are not of the same quality as the well-known manufacturers of IT security solutions.
At the latest now, business leaders or IT administrators have to react in order to protect their cloud services. Because the danger posed by hackers is real: the so-called Microsoft 365 account takeover is developing into their new additional business. In these attacks, cyber criminals often attempt to steal credentials through social engineering and phishing emails. As soon as an account is compromised, they spy on internal company activities or encrypt the sensitive information with ransomware.
Companies should keep this in mind when using co-working in the cloud
- Rely on comprehensive protection technologies: A valid security system starts with perfectly secured endpoints. Experts speak of the "Multi Secured Endpoint", which is equipped with malware protection, encryption and multi-factor authentication. This means that hackers have hardly any surface area to attack and, if they are successful, they can do little with captured data.
- Fending off threats at an early stage: In the cloud, all data in the cloud storage should be permanently checked for threats. IT managers should pay special attention to Exchange and SharePoint servers. Because: Microsoft does not offer full protection against spam, phishing and malware in the standard company version.
- Protect important company data more effectively: The encryption of company and customer data is one of the most important measures for cybercriminals to break the business model. Coded information cannot be converted into money even in the event of a successful attack.
- Secure access to the cloud infrastructure in a modern way: The decentralized data infrastructure should not be secured with a password alone. As the only instance, this has proven to be too weak and insecure in the past. Professional cloud security concepts should therefore rely on multi-factor authentication - regardless of the size of the organization.
More at ESET.com
About ESET ESET is a European company with headquarters in Bratislava (Slovakia). ESET has been developing award-winning security software since 1987 that has already helped over 100 million users enjoy secure technology. The broad portfolio of security products covers all common platforms and offers companies and consumers worldwide the perfect balance between performance and proactive protection. The company has a global sales network in over 180 countries and branches in Jena, San Diego, Singapore and Buenos Aires. For more information, visit www.eset.de or follow us on LinkedIn, Facebook and Twitter.
Matching articles on the topic