Data Privacy in Remote Work Settings

So, what really is the risk of public Wifi anyway? I got this question after my post yesterday about public WiFi and security risks. 🔹 First, the risks. The video I have attached here demonstrates an Evil Twin attack, where a hacker sets up their own WiFi network that matches the name of a legitimate network in the area. Unsuspecting victims are likely to connect to the Evil Twin network instead - sometimes even automatically. At that point, the hacker can sniff their traffic (easily reading unencrypted traffic and just tracking encrypted traffic) or use various login prompts and links to try and get the connecting users' credentials to various services. Another risk is an attacker gaining control of the legitimate WiFi network by, for example, exploiting an unpatched vulnerability and identifying the administrator login (using default credentials, brute force, etc.). These are legitimate attacks that hackers have demonstrated in the real world countless times - check any Black Hat or DefCon presentation list. 🔹 So, how concerned do I really have to be? About as concerned as you would be for Stranger Danger. The rule we generally tell kids is "don't talk to strangers". Is that because every stranger is evil? No of course not. But, the impact of meeting an evil stranger could be catastrophic, so until we get to know the person better, we keep our guards up. The same goes for public WiFi networks. Most of the time (probably 99% of the time), your public WiFi networks will be just fine. But, connecting to a rogue or hacked network could be catastrophic. 🔹 So, what can I do? Practice basic security principles: ▪ Don't connect to a public WiFi if you don't need to. ▪ If you do connect, be very careful with prompts for personal information or passwords. Look for the domain name and the secure padlock. Make sure you understand why you are being asked for the information (no legitimate WiFi network connects through your Facebook account). ▪ Only use websites that are secured with HTTPS (secure padlock again). ▪ Don't do business or anything sensitive on a public WiFi ▪ Use a VPN What other risks have I missed or suggestions for protecting yourself do you have? Let me know! #security #cybersecurity #wifi #publicwifi #penetrationtesting #hacking #wirelessnetworking https://lnkd.in/geBvxt9Z

The Wi-Fi is free. The breach? Not so much. When your team works from hotels, airports, or beachside cafes this summer, they’re probably connecting to public Wi-Fi—and that’s a problem. For SMBs, one employee logging in over an unencrypted connection can lead to: Credential theft Session hijacking Device compromise Exposure of client data 🧠 Simple tips that make a big difference: Use company-approved VPNs (not free ones) Avoid logging into admin dashboards on public networks Disable auto-connect to unknown Wi-Fi Use hotspot tethering when possible Want our quick “Remote Work Wi-Fi Do’s and Don’ts” list? Just ask. #CyberSecurity #SMBSecurity #RemoteWorkSecurity #DataProtection #InfoSec #TravelSecurity

If you hire remote workers you should be doing a deep dive on your recruiting, hiring, and onboarding processes to understand how you are confirming the identity of the person you are hiring. There are an estimated several dozen “laptop farmers” that have popped up across the U.S. as part of a scam to infiltrate American companies. Americans are being scammed to operate dozens of laptops meant to be used by legitimate remote workers living in the U.S. What the employers and the farmers don’t realize is that the workers are North Koreans living abroad but using stolen U.S. identities. Once they get a job, they coordinate with an American who can provide some “American cover” by accepting deliveries of the computer, setting up the online connections and helping facilitate paychecks. Meanwhile, the North Koreans log into the laptops from overseas every day through remote-access software. CrowdStrike recently identified about 150 cases of North Korean workers on customer networks, and has identified laptop farms in at least eight states. While the primary goal for these workers might be to steal money in the form of cashed paychecks from American companies, many of them are also interested in stealing data for espionage or to use as ransom. At this point, with the speed of AI advancement, this risk is only going to increase for remote-first companies. Get your Security, HR, and Legal teams together to start discussing how you can mitigate this risk. You should even think about recent new hires where this could have potentially occurred and do some investigation. One possible mitigation is to force new hires in certain high-risk roles to come onsite during their first week for onboarding to get their company laptop. During the recruiting process, the recruiter should discuss the mandatory onsite onboarding and ask if they would be available to come onsite their first week for onboarding and to receive their laptop. The I-9 verification should also be done during this onboarding. I would also recommend heightened monitoring on new hires’ devices to ensure there are no red flags indicating suspicious or malicious behavior. I think it’s easy to overlook this risk and think it would be obvious to tell that you hired someone in North Korea, but these scams are getting sophisticated and AI is only going to make it harder to detect. Link to article: https://lnkd.in/e3iAmshM

😨 Public Wi-Fi: Friend or Foe? 🤔 We’ve all been there - at the airport, a café, or maybe even a hotel, and we connect to free public Wi-Fi without a second thought. It's convenient, it's fast, and it's everywhere. But have you ever stopped to think about the risks? Public Wi-Fi networks are often unsecured, making them a prime target for hackers looking to steal your personal information. Here's why you should be cautious and how to protect yourself! ☠ The Risks of Public Wi-Fi: ☠ 🚫 Man-in-the-Middle Attacks: Hackers can intercept data between your device and the network, gaining access to sensitive information like login credentials or banking details. 🚫 Unencrypted Connections: Many public Wi-Fi networks are not encrypted, meaning the data sent over the network is exposed and can be easily accessed by others. 🚫 Fake Wi-Fi Networks: Cybercriminals sometimes create fake Wi-Fi hotspots with names similar to legitimate networks, tricking users into connecting and capturing their data. 🚫 Malware Distribution: Connecting to a compromised public Wi-Fi can lead to malware being downloaded onto your device, putting your data at risk. 😎 Best Practices for Staying Safe 😎 ✅ Use a VPN: Always use a Virtual Private Network (VPN) when connecting to public Wi-Fi. A VPN encrypts your internet connection, making it much harder for hackers to intercept your data. ✅ Avoid Accessing Sensitive Information: Avoid logging into your bank accounts or entering sensitive passwords when connected to public Wi-Fi. ✅ Forget the Network After Use: Once you’re done using the Wi-Fi, make sure to disconnect and forget the network to prevent automatic reconnections. ✅ Enable Two-Factor Authentication (2FA): Use 2FA wherever possible, so even if your credentials are stolen, additional verification will be required to access your accounts. ✅ Turn Off File Sharing: Disable file sharing and AirDrop on your device to reduce the risk of unauthorized access to your files

In August, a Nashville man was indicted for running a "laptop farm." He allegedly convinced companies to hire him as a remote worker but instead of doing the work, downloaded and installed software on company computers that granted access to foreign bad actors posing as workers, breaching company security and funneling money abroad. This may sound like an outlandish story, but easy access to AI-generated audio and video heighten the risk of employee impersonation. Ways for companies to protect against employee impersonation: Before hiring: • Running background checks (and following state/local notice and disclosure requirements) • Vetting educational and employment background • Using secure methods for checking identity and work authorization. Especially for sensitive roles that are fully remote, consider flying the candidate out to meet in person or hiring a vendor who can vet their identity in person. • Requiring employees to sign robust confidentiality agreements During employment • Working with IT/InfoSec to develop best practices for securing company data • Monitoring employee login patterns and downloads • Developing protocols for exchanging money and sensitive information (for example, requiring multiple points of verification) • Even if you don’t regularly work on video, doing this occasionally. • Training managers to keep an eye out for suspicious activity After employment • Reminding employees of their confidentiality obligations • Securing company data immediately upon separation and monitoring use when employees give notice of resignation • Reviewing hardware that is returned and properly wipe equipment What else?

This article highlights a St. Louis federal court indicted 14 North Korean nationals for allegedly using false identities to secure remote IT jobs at U.S. companies and nonprofits. Working through DPRK-controlled firms in China and Russia, the suspects are accused of violating U.S. sanctions and committing crimes such as wire fraud, money laundering, and identity theft. Their actions involved masking their true nationalities and locations to gain unauthorized access and financial benefits. To prevent similar schemes from affecting you businesses, we recommend a multi-layered approach to security, recruitment, and compliance practices. Below are key measures: 1. Enhanced Recruitment and Background Verification - Identity Verification: Implement strict verification procedures, including checking legal identification and performing background and reference checks. Geolocation Monitoring: Use tools to verify candidates’ actual geographic locations. Require in-person interviews for critical roles. - Portfolio Validation: Request verifiable references and cross-check submitted credentials or work samples with previous employers. - Deepfake Detection Tools: Analyze video interviews for signs of deepfake manipulation, such as unnatural facial movements, mismatched audio-visual syncing, or artifacts in the video. - Vendor Assessments: Conduct due diligence on contractors, especially in IT services, to ensure they comply with sanctions and security requirements. 2. Cybersecurity and Fraud Prevention - Access Control: Limit access to sensitive data and systems based on job roles and implement zero-trust security principles. - Network Monitoring: Monitor for suspicious activity, such as access from IPs associated with VPNs or high-risk countries. - Two-Factor Authentication (2FA): Enforce 2FA for all employee accounts to secure logins and prevent unauthorized access. - Device Management: Require company-issued devices with endpoint protection for remote work to prevent external control. - AI and Behavioral Analytics: Monitor employee behavior for anomalies such as unusual working hours, repeated access to restricted data, or large data downloads. 3. Employee Training and Incident Response - Cybersecurity Awareness: Regularly train employees on recognizing phishing, social engineering, and fraud attempts, using simulations to enhance awareness of emerging threats like deepfakes. - Incident Management and Reporting: Develop a clear plan to handle cybersecurity or fraud incidents, including internal investigations and containment protocols. - Cross-Functional Drills and Communication: Conduct company-wide simulations to test response plans and promote a culture of security through leadership-driven initiatives. #Cybersecurity #HumanResources #Deepfake #Recruiting #InsiderThreats

When I first started working with a remote team, I realized that I needed to have a loss-prevention mindset. I couldn't afford to wait for something to go wrong. If confidential info were leaked or there was unauthorized access to your company's financial data, the consequences could be catastrophic. Trust would be eroded clients might leave, and  the financial loss could set you back months or years. I didn't wait for this to happen to me, and neither should you. I never want a situation where there's even a sliver of doubt because I don't want the added stress to distract me from my vision. So, it's important to plug in the holes before they become sinkholes. Here's what you can do: Secure Access ‣ Implement multi-factor authentication (MFA) for logins and regularly review and update access permissions. Regular Reviews ‣ Employees leaving the team or changing roles should have their access revoked or adjusted accordingly. Confidentiality Agreements ‣ Have all team members sign confidentiality agreements (NDAs). Open Communication ‣ Regularly discuss the importance of data security with your team. Data Encryption ‣ Encrypt sensitive data both in transit and at rest. Backup Systems ‣ Implement backup systems for your data. Education and Training ‣ Phishing scams and social engineering attacks constantly evolve, so keep your team informed. Create an access repository sheet ‣ This document should list all authorized users, their access levels, and the specific systems they can access. Take proactive steps now to protect your business before it's too late. Helpful?  ♻️Please share to help others. 🔎Follow Michael Shen for more.

𝐀𝐜𝐡𝐢𝐞𝐯𝐢𝐧𝐠 𝐒𝐎𝐂2 𝐚𝐧𝐝 𝐇𝐢𝐓𝐫𝐮𝐬𝐭 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐟𝐨𝐫 𝐑𝐞𝐦𝐨𝐭𝐞 𝐎𝐟𝐟𝐢𝐜𝐞𝐬 In today's rapidly evolving business landscape, remote work has become the norm rather than the exception. Ensuring compliance for remote offices presents unique challenges, but it's a journey I've navigated successfully for multiple companies. Here’s how I’ve helped companies with remote offices achieve SOC2 and HiTrust compliance: 1. 𝐑𝐨𝐛𝐮𝐬𝐭 𝐏𝐨𝐥𝐢𝐜𝐢𝐞𝐬 𝐚𝐧𝐝 𝐏𝐫𝐨𝐜𝐞𝐝𝐮𝐫𝐞𝐬:    - Developed comprehensive policies and procedures tailored to remote environments, ensuring they are as stringent and effective as those in traditional office settings. 2. 𝐀𝐝𝐯𝐚𝐧𝐜𝐞𝐝 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐌𝐞𝐚𝐬𝐮𝐫𝐞𝐬:    - Implemented advanced security measures, including VPNs, encrypted communications, and endpoint protection, to safeguard sensitive data accessed remotely. 3. 𝐑𝐞𝐠𝐮𝐥𝐚𝐫 𝐀𝐮𝐝𝐢𝐭𝐬 𝐚𝐧𝐝 𝐀𝐬𝐬𝐞𝐬𝐬𝐦𝐞𝐧𝐭𝐬:    - Conducted regular internal audits and assessments to ensure ongoing compliance and identify any vulnerabilities specific to remote operations. 4. 𝐄𝐦𝐩𝐥𝐨𝐲𝐞𝐞 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠 𝐚𝐧𝐝 𝐀𝐰𝐚𝐫𝐞𝐧𝐞𝐬𝐬:    - Launched continuous training programs to educate remote employees on compliance requirements and best practices, fostering a culture of security and vigilance. 5. 𝐑𝐞𝐦𝐨𝐭𝐞 𝐌𝐨𝐧𝐢𝐭𝐨𝐫𝐢𝐧𝐠 𝐚𝐧𝐝 𝐈𝐧𝐜𝐢𝐝𝐞𝐧𝐭 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐞:    - Established remote monitoring systems and incident response plans to quickly detect and address any security incidents, minimizing potential risks. Helping companies adapt to the new normal while maintaining the highest standards of security and compliance has been incredibly rewarding. If you're navigating the complexities of #SOC2 and #HiTrust compliance in a remote work setting, let's connect and discuss how we can achieve your compliance goals together. #SOC2 #HiTrust #RemoteWork #Compliance #DataSecurity #Infosec #CyberSecurity #RemoteOffices