Security Issues of Remote Work Environments and Alternative Solution Approaches

Yıl 2024, Cilt: 8 Sayı: 1, 46 - 51, 31.07.2024

Can Kılıç , İsmail Berk Uzun , Abdullah Taha Ardoğan , Wardah Saleem , Arda Sezen

Öz

Along with the pandemic, the number of employees working remotely has significantly increased. With this increase, also the cyberthreats related to remote workers greatly increased. So, the main question of how remote working affects the cybersecurity tried to be explained via analyzing common threats and mitigations in this study. Throughout the analysis it is found that two more aspects should be investigated; The threats affecting the remote workers and the mitigations affecting the related threats. To provide sufficient answers to these questions, well-known cyber-attacks explained using various studies with countermeasures in the third section. Then we focused on effective security practices and tools as well as how to make those practices and tools more effective. To provide sufficient guidance about how to use these mitigation ways for which attack types, a complete guideline provided for the remote workers. Also, a questionnaire is conducted among some university students to understand the awareness of phishing attacks using wrong URLs and website and email scams from many organizations and the results are showing that for the URL part the accuracy is 84.61% and for the email scams accuracy is 75.64%.

Anahtar Kelimeler

Remote Work Environment, COVID-19, Cybersecurity, Remote Work Guideline, Awareness for Cyber Threat

Kaynakça

• [1] N.A. Rakha, Ensuring Cyber-security in Remote Workforce: Legal Implications and International Best Practices, vol. 1, issue. 3, International Journal of Law and Policy, 2023.https://doi.org/10.59022/ijlp.43
• [2] Z. Khan and P. Charan, Work-from-home Security Issues and Risk over Internet, pp. 468–472, 2023 DOI:10.47715/JPC.B.978-93-91303-45-7_81
• [3] S. Senapati and S.V. Baharatti, An Empirical Study on the Information Security Threats Due to Remote Working Environments. In: Kulkarni, A.J., Cheikhrouhou, N. (eds) Intelligent Systems for Smart Cities. ICISA 2023. Springer, Singapore, 2024. https://doi.org/10.1007/978-981-99-6984-5_2
• [4] S. Milson and B. Altan, Cybersecurity in Remote Work Environments: Challenges And Best Practices. [Online]. Available: http://www.ctan.org/tex-https://easychair.org/publications/preprint_download/9lj5
• [5] B. Buckley, Securing a Remote Workforce, University of New Hampshire, Manchester, June 15, 2021. Available: https://static1.squarespace.com/static/60d4f2e1ecf6cb1c708d572b/t/60f16cabe7c78223958b9089/1626434731404/Buckley+898.M1_+Capstone+Final+Draft.pdf
• [6] S. A.A.D. Effective information security policies for efficient remote working : Software professionals' perspective, [Master’s theses, University of Moratuwa]. Institutional Repository University of Moratuwa, 2019. Available: http://dl.lib.uom.lk/handle/123/16362
• [7] C. Vásquez and J. González Cybersecurity engagement in a remote work environment [Online]. Available: https://lup.lub.lu.se/luur/download?func=downloadFile&recordOId=9090426&fileOId=9090427
• [8] J. Hong, The state of phishing attacks, Commun. ACM, vol. 55, no. 1, pp. 74–81, Jan. 2012. Available: doi: 10.1145/2063176.2063197
• [9] R. Richardson and Max M. North. Ransomware: Evolution, Mitigation and Prevention’. [Online]. Available: https://digitalcommons.kennesaw.edu/facpubs/4276/
• [10] F. Aliyu, T. Sheltami and E.M. Shakshuki, A Detection and Prevention Technique for Man in the Middle Attack in Fog Computing, vol 141, pages 24-31, 2018. Available: https://doi.org/10.1016/j.procs.2018.10.125
• [11] R. Muppavarapu, Open Wi-Fi hotspots- Threats and Mitigations. [Online]. Available: https://dl.packetstormsecurity.net/papers/wireless/openwifimitigations.pdf
• [12] S. Weamie, Cross-Site Scripting Attacks and Defensive Techniques: A Comprehensive Survey, International Journal of Communications, Network and System Sciences, vol. 15, pp. 126–148, Aug. 2022. Available: DOI: 10.4236/ijcns.2022.158010.
• [13] World Economic Forum (2022) The Global Risks Report 2022 17th Edition. Insight Report.[Online]. Available: https://www.weforum.org/publications/global-risks-report-2022/
• [14] Linkedin How do you measure the effectiveness of your encryption?. [Online]. Available: https://www.linkedin.com/advice/3/how-do-you-measure-effectiveness-your-encryption
• [15] CISA. Cybersecurity and Infrastructure Security Agency. Understanding firewalls for home and small office use. [Online]. Available: https://www.cisa.gov/news-events/news/understanding-firewalls-home-and-small-office-use
• [16] M. S. Villanueva. 3 Top Risks of Not Having a Firewall. [Online]. Available: https://www.itsasap.com/blog/3-top-risks-of-not-having-a-firewall
• [17] GeekForGeeks(2023), Types of Virtual Private Network (VPN) and its Protocols. [Online]. Available: https://www.geeksforgeeks.org/types-of-virtual-private-network-vpn-and-its-protocols/
• [18] A. Brown (2022), These 4 Things Could Happen If You Don’t Use A VPN. [Online]. Available: https://southernmarylandchronicle.com/2022/04/27/these-4-things-could-happen-if-you-dont-use-a-vpn/
• [19] Linkedin(2024), What VPN performance strategies can remote workers use to improve productivity?. [Online]. Available: https://www.linkedin.com/advice/0/what-vpn-performance-strategies-can-remote-gtmpe
• [20] D. Bell(2023), The Human Element in Cybersecurity: Understanding Human Factor in Cyber Threats. [Online]. Available: https://www.linkedin.com/pulse/human-element-cybersecurity-understanding-factor-cyber-david-bell-jezuf?trk=article-ssr-frontend-pulse_more-articles_related-content-card#:~:text=The%20human%20factor%2C%20including%20both,are%20often%20exploited%20by%20attackers
• [21] Phishing Attack Survey. [Online]. Available: https://forms.gle/Pw2G1vCiBJQ4t1hQ7
• [22] CSA (2022), Weak Security Controls and Practices Routinely Exploited for Initial Access. [Online] Available: https://media.defense.gov/2022/May/17/2002998718/-1/-1/0/CSA_WEAK_SECURITY_CONTROLS_PRACTICES_EXPLOITED_FOR_INITIAL_ACCESS.PDF