Research Article
BibTex RIS Cite
Year 2024, Volume: 8 Issue: 1, 46 - 51, 31.07.2024

Abstract

References

  • [1] N.A. Rakha, Ensuring Cyber-security in Remote Workforce: Legal Implications and International Best Practices, vol. 1, issue. 3, International Journal of Law and Policy, 2023.https://doi.org/10.59022/ijlp.43
  • [2] Z. Khan and P. Charan, Work-from-home Security Issues and Risk over Internet, pp. 468–472, 2023 DOI:10.47715/JPC.B.978-93-91303-45-7_81
  • [3] S. Senapati and S.V. Baharatti, An Empirical Study on the Information Security Threats Due to Remote Working Environments. In: Kulkarni, A.J., Cheikhrouhou, N. (eds) Intelligent Systems for Smart Cities. ICISA 2023. Springer, Singapore, 2024. https://doi.org/10.1007/978-981-99-6984-5_2
  • [4] S. Milson and B. Altan, Cybersecurity in Remote Work Environments: Challenges And Best Practices. [Online]. Available: http://www.ctan.org/tex-https://easychair.org/publications/preprint_download/9lj5
  • [5] B. Buckley, Securing a Remote Workforce, University of New Hampshire, Manchester, June 15, 2021. Available: https://static1.squarespace.com/static/60d4f2e1ecf6cb1c708d572b/t/60f16cabe7c78223958b9089/1626434731404/Buckley+898.M1_+Capstone+Final+Draft.pdf
  • [6] S. A.A.D. Effective information security policies for efficient remote working : Software professionals' perspective, [Master’s theses, University of Moratuwa]. Institutional Repository University of Moratuwa, 2019. Available: http://dl.lib.uom.lk/handle/123/16362
  • [7] C. Vásquez and J. González Cybersecurity engagement in a remote work environment [Online]. Available: https://lup.lub.lu.se/luur/download?func=downloadFile&recordOId=9090426&fileOId=9090427
  • [8] J. Hong, The state of phishing attacks, Commun. ACM, vol. 55, no. 1, pp. 74–81, Jan. 2012. Available: doi: 10.1145/2063176.2063197
  • [9] R. Richardson and Max M. North. Ransomware: Evolution, Mitigation and Prevention’. [Online]. Available: https://digitalcommons.kennesaw.edu/facpubs/4276/
  • [10] F. Aliyu, T. Sheltami and E.M. Shakshuki, A Detection and Prevention Technique for Man in the Middle Attack in Fog Computing, vol 141, pages 24-31, 2018. Available: https://doi.org/10.1016/j.procs.2018.10.125
  • [11] R. Muppavarapu, Open Wi-Fi hotspots- Threats and Mitigations. [Online]. Available: https://dl.packetstormsecurity.net/papers/wireless/openwifimitigations.pdf
  • [12] S. Weamie, Cross-Site Scripting Attacks and Defensive Techniques: A Comprehensive Survey, International Journal of Communications, Network and System Sciences, vol. 15, pp. 126–148, Aug. 2022. Available: DOI: 10.4236/ijcns.2022.158010.
  • [13] World Economic Forum (2022) The Global Risks Report 2022 17th Edition. Insight Report.[Online]. Available: https://www.weforum.org/publications/global-risks-report-2022/
  • [14] Linkedin How do you measure the effectiveness of your encryption?. [Online]. Available: https://www.linkedin.com/advice/3/how-do-you-measure-effectiveness-your-encryption
  • [15] CISA. Cybersecurity and Infrastructure Security Agency. Understanding firewalls for home and small office use. [Online]. Available: https://www.cisa.gov/news-events/news/understanding-firewalls-home-and-small-office-use
  • [16] M. S. Villanueva. 3 Top Risks of Not Having a Firewall. [Online]. Available: https://www.itsasap.com/blog/3-top-risks-of-not-having-a-firewall
  • [17] GeekForGeeks(2023), Types of Virtual Private Network (VPN) and its Protocols. [Online]. Available: https://www.geeksforgeeks.org/types-of-virtual-private-network-vpn-and-its-protocols/
  • [18] A. Brown (2022), These 4 Things Could Happen If You Don’t Use A VPN. [Online]. Available: https://southernmarylandchronicle.com/2022/04/27/these-4-things-could-happen-if-you-dont-use-a-vpn/
  • [19] Linkedin(2024), What VPN performance strategies can remote workers use to improve productivity?. [Online]. Available: https://www.linkedin.com/advice/0/what-vpn-performance-strategies-can-remote-gtmpe
  • [20] D. Bell(2023), The Human Element in Cybersecurity: Understanding Human Factor in Cyber Threats. [Online]. Available: https://www.linkedin.com/pulse/human-element-cybersecurity-understanding-factor-cyber-david-bell-jezuf?trk=article-ssr-frontend-pulse_more-articles_related-content-card#:~:text=The%20human%20factor%2C%20including%20both,are%20often%20exploited%20by%20attackers
  • [21] Phishing Attack Survey. [Online]. Available: https://forms.gle/Pw2G1vCiBJQ4t1hQ7
  • [22] CSA (2022), Weak Security Controls and Practices Routinely Exploited for Initial Access. [Online] Available: https://media.defense.gov/2022/May/17/2002998718/-1/-1/0/CSA_WEAK_SECURITY_CONTROLS_PRACTICES_EXPLOITED_FOR_INITIAL_ACCESS.PDF

Security Issues of Remote Work Environments and Alternative Solution Approaches

Year 2024, Volume: 8 Issue: 1, 46 - 51, 31.07.2024

Abstract

Along with the pandemic, the number of employees working remotely has significantly increased. With this increase, also the cyberthreats related to remote workers greatly increased. So, the main question of how remote working affects the cybersecurity tried to be explained via analyzing common threats and mitigations in this study. Throughout the analysis it is found that two more aspects should be investigated; The threats affecting the remote workers and the mitigations affecting the related threats. To provide sufficient answers to these questions, well-known cyber-attacks explained using various studies with countermeasures in the third section. Then we focused on effective security practices and tools as well as how to make those practices and tools more effective. To provide sufficient guidance about how to use these mitigation ways for which attack types, a complete guideline provided for the remote workers. Also, a questionnaire is conducted among some university students to understand the awareness of phishing attacks using wrong URLs and website and email scams from many organizations and the results are showing that for the URL part the accuracy is 84.61% and for the email scams accuracy is 75.64%.

References

  • [1] N.A. Rakha, Ensuring Cyber-security in Remote Workforce: Legal Implications and International Best Practices, vol. 1, issue. 3, International Journal of Law and Policy, 2023.https://doi.org/10.59022/ijlp.43
  • [2] Z. Khan and P. Charan, Work-from-home Security Issues and Risk over Internet, pp. 468–472, 2023 DOI:10.47715/JPC.B.978-93-91303-45-7_81
  • [3] S. Senapati and S.V. Baharatti, An Empirical Study on the Information Security Threats Due to Remote Working Environments. In: Kulkarni, A.J., Cheikhrouhou, N. (eds) Intelligent Systems for Smart Cities. ICISA 2023. Springer, Singapore, 2024. https://doi.org/10.1007/978-981-99-6984-5_2
  • [4] S. Milson and B. Altan, Cybersecurity in Remote Work Environments: Challenges And Best Practices. [Online]. Available: http://www.ctan.org/tex-https://easychair.org/publications/preprint_download/9lj5
  • [5] B. Buckley, Securing a Remote Workforce, University of New Hampshire, Manchester, June 15, 2021. Available: https://static1.squarespace.com/static/60d4f2e1ecf6cb1c708d572b/t/60f16cabe7c78223958b9089/1626434731404/Buckley+898.M1_+Capstone+Final+Draft.pdf
  • [6] S. A.A.D. Effective information security policies for efficient remote working : Software professionals' perspective, [Master’s theses, University of Moratuwa]. Institutional Repository University of Moratuwa, 2019. Available: http://dl.lib.uom.lk/handle/123/16362
  • [7] C. Vásquez and J. González Cybersecurity engagement in a remote work environment [Online]. Available: https://lup.lub.lu.se/luur/download?func=downloadFile&recordOId=9090426&fileOId=9090427
  • [8] J. Hong, The state of phishing attacks, Commun. ACM, vol. 55, no. 1, pp. 74–81, Jan. 2012. Available: doi: 10.1145/2063176.2063197
  • [9] R. Richardson and Max M. North. Ransomware: Evolution, Mitigation and Prevention’. [Online]. Available: https://digitalcommons.kennesaw.edu/facpubs/4276/
  • [10] F. Aliyu, T. Sheltami and E.M. Shakshuki, A Detection and Prevention Technique for Man in the Middle Attack in Fog Computing, vol 141, pages 24-31, 2018. Available: https://doi.org/10.1016/j.procs.2018.10.125
  • [11] R. Muppavarapu, Open Wi-Fi hotspots- Threats and Mitigations. [Online]. Available: https://dl.packetstormsecurity.net/papers/wireless/openwifimitigations.pdf
  • [12] S. Weamie, Cross-Site Scripting Attacks and Defensive Techniques: A Comprehensive Survey, International Journal of Communications, Network and System Sciences, vol. 15, pp. 126–148, Aug. 2022. Available: DOI: 10.4236/ijcns.2022.158010.
  • [13] World Economic Forum (2022) The Global Risks Report 2022 17th Edition. Insight Report.[Online]. Available: https://www.weforum.org/publications/global-risks-report-2022/
  • [14] Linkedin How do you measure the effectiveness of your encryption?. [Online]. Available: https://www.linkedin.com/advice/3/how-do-you-measure-effectiveness-your-encryption
  • [15] CISA. Cybersecurity and Infrastructure Security Agency. Understanding firewalls for home and small office use. [Online]. Available: https://www.cisa.gov/news-events/news/understanding-firewalls-home-and-small-office-use
  • [16] M. S. Villanueva. 3 Top Risks of Not Having a Firewall. [Online]. Available: https://www.itsasap.com/blog/3-top-risks-of-not-having-a-firewall
  • [17] GeekForGeeks(2023), Types of Virtual Private Network (VPN) and its Protocols. [Online]. Available: https://www.geeksforgeeks.org/types-of-virtual-private-network-vpn-and-its-protocols/
  • [18] A. Brown (2022), These 4 Things Could Happen If You Don’t Use A VPN. [Online]. Available: https://southernmarylandchronicle.com/2022/04/27/these-4-things-could-happen-if-you-dont-use-a-vpn/
  • [19] Linkedin(2024), What VPN performance strategies can remote workers use to improve productivity?. [Online]. Available: https://www.linkedin.com/advice/0/what-vpn-performance-strategies-can-remote-gtmpe
  • [20] D. Bell(2023), The Human Element in Cybersecurity: Understanding Human Factor in Cyber Threats. [Online]. Available: https://www.linkedin.com/pulse/human-element-cybersecurity-understanding-factor-cyber-david-bell-jezuf?trk=article-ssr-frontend-pulse_more-articles_related-content-card#:~:text=The%20human%20factor%2C%20including%20both,are%20often%20exploited%20by%20attackers
  • [21] Phishing Attack Survey. [Online]. Available: https://forms.gle/Pw2G1vCiBJQ4t1hQ7
  • [22] CSA (2022), Weak Security Controls and Practices Routinely Exploited for Initial Access. [Online] Available: https://media.defense.gov/2022/May/17/2002998718/-1/-1/0/CSA_WEAK_SECURITY_CONTROLS_PRACTICES_EXPLOITED_FOR_INITIAL_ACCESS.PDF
There are 22 citations in total.

Details

Primary Language English
Subjects System and Network Security, Data and Information Privacy
Journal Section Articles
Authors

Can Kılıç 0009-0007-4567-3216

İsmail Berk Uzun 0009-0002-2260-4326

Abdullah Taha Ardoğan 0009-0004-7710-4913

Wardah Saleem 0009-0006-2145-293X

Arda Sezen 0000-0002-7615-3623

Early Pub Date July 22, 2024
Publication Date July 31, 2024
Submission Date July 3, 2024
Acceptance Date July 22, 2024
Published in Issue Year 2024 Volume: 8 Issue: 1

Cite

IEEE C. Kılıç, İ. B. Uzun, A. T. Ardoğan, W. Saleem, and A. Sezen, “Security Issues of Remote Work Environments and Alternative Solution Approaches”, IJMSIT, vol. 8, no. 1, pp. 46–51, 2024.