Work From Home Сybersecurity Risks:
We never share your data. Privacy Policy
5 Things You Should Track to
Combat Insider Threats
1
When working from home, a VPN service creates the most secure way of accessing corporate resources, provided that VPN sessions are carefully monitored. IT admins and security managers, already overloaded with tasks required to enable remote working, do not have the capacity to manually sift through noisy logs to detect suspicious VPN connections.
Netwrix Auditor cuts through the noise and provides easy-to-understand reports on successful and failed VPN logon attempts, detailing who initiated the session, what IP the authentication attempt was made from and when it occurred.
Suspicious Remote Access Connections
2
Data Access in the Cloud
Modern cloud-based storage systems, such as SharePoint Online, play a huge role in facilitating remote work, but they also become especially vulnerable to attack when an entire team of employees is accessing the sensitive data stored there from home. All too often, users put their own convenience over security, and as such they tend to load documents onto personal devices, putting the security of those files into jeopardy.
Netwrix Auditor shows you exactly who is accessing content from SharePoint Online or Teams, letting you determine if an employee is downloading an excessive number of documents and verify if there is a business need for that.
Privilege Escalations in Microsoft Teams
.
3
Users in Microsoft Teams are often granted excessive privileges by negligent coworkers, who simply add them to a team to share access to files. While this may appear to be the easiest way to collaborate on projects, it also goes against the principle of least privilege.
Netwrix Auditor records all changes to Azure AD groups, allowing you to easily review them with team owners and catch changes performed maliciously or by mistake.
Spikes in Failed Activity
A perceived lack of oversight when working from home may embolden employees to look for and try to access data that they are not supposed to work with. Multiple failed attempts by a user to log in or to access files and folders may indicate an insider is trying to access sensitive data without a legitimate reason. Being able to spot such incidents makes you more likely to prevent insiders from harming your critical data.
Netwrix Auditor allows you to easily detect these spikes in failed activity across your IT environment, thereby helping you spot illicit attempts to access or modify your sensitive data.
4
5
Excessive Access Permissions on Sharepoint
The urgent need to shift to remote work exposes an organization to increased risk from malicious insiders, who were just biding their time to act. To reduce the number of cybersecurity incidents involving your sensitive data (both stored on premise and in the cloud), you should ensure your users' access permissions are kept strictly in line with your business requirements.
Netwrix Auditor provides you with a convenient overview of the effective user permissions for all objects in your online and on-premise site collections to make sure that your sensitive data is not subject to unnecessary exposure.
Want to learn more about how to bolster security in the “work from home” scenario?
Watch our «Remote Workers 101: Detecting Insider Threat» webinar, where Netwrix cybersecurity experts will share tips on how to prevent data leakage and detect suspicious activity in cloud applications.
Work From Home Сybersecurity Risks:
We never share your data. Privacy Policy
5 Things You Should Track to Combat Insider Threats
Get the Free 20-Day Trial of Netwrix Auditor
1
When working from home, a VPN service creates the most secure way of accessing corporate resources, provided that VPN sessions are carefully monitored. IT admins and security managers, already overloaded with tasks required to enable remote working, do not have the capacity to manually sift through noisy logs to detect suspicious VPN connections.
Netwrix Auditor cuts through the noise and provides easy-to-understand reports on successful and failed VPN logon attempts, detailing who initiated the session, what IP the authentication attempt was made from and when it occurred.
Suspicious Remote Access Connections
2
Data Access in the Cloud
Modern cloud-based storage systems, such as SharePoint Online, play a huge role in facilitating remote work, but they also become especially vulnerable to attack when an entire team of employees is accessing the sensitive data stored there from home. All too often, users put their own convenience over security, and as such they tend to load documents onto personal devices, putting the security of those files into jeopardy.
Netwrix Auditor shows you exactly who is accessing content from SharePoint Online or Teams, letting you determine if an employee is downloading an excessive number of documents and verify if there is a business need for that.
Privilege Escalations in Microsoft Teams
3
Users in Microsoft Teams are often granted excessive privileges by negligent coworkers, who simply add them to a team to share access to files. While this may appear to be the easiest way to collaborate on projects, it also goes against the principle of least privilege.
Netwrix Auditor records all changes to Azure AD groups, allowing you to easily review them with team owners and catch changes performed maliciously or by mistake.
Spikes in Failed Activity
A perceived lack of oversight when working from home may embolden employees to look for and try to access data that they are not supposed to work with. Multiple failed attempts by a user to log in or to access files and folders may indicate an insider is trying to access sensitive data without a legitimate reason. Being able to spot such incidents makes you more likely to prevent insiders from harming your critical data.
Netwrix Auditor allows you to easily detect these spikes in failed activity across your IT environment, thereby helping you spot illicit attempts to access or modify your sensitive data.
4
5
Excessive Access Permissions on Sharepoint
The urgent need to shift to remote work exposes an organization to increased risk from malicious insiders, who were just biding their time to act. To reduce the number of cybersecurity incidents involving your sensitive data (both stored on premise and in the cloud), you should ensure your users' access permissions are kept strictly in line with your business requirements.
Netwrix Auditor provides you with a convenient overview of the effective user permissions for all objects in your online and on-premise site collections to make sure that your sensitive data is not subject to unnecessary exposure.
Want to learn more about how to bolster security in the “work from home” scenario?
Watch our «Remote Workers 101: Detecting Insider Threat» webinar, where Netwrix cybersecurity experts will share tips on how to prevent data leakage and detect suspicious activity in cloud applications.