After the pandemic: Information security in the conditions of the new “normal”

rakhirhif8963 · Post by **rakhirhif8963** » Tue Feb 11, 2025 5:25 am

Self-isolation is ending. Regions, including Moscow, are gradually exiting the special regime.

Companies are currently deciding what their new “normal” format of work will be. According to a survey by the Center for Strategic Research, about 70% of employers expect to maintain remote work for their employees. This means that when the self-isolation regime is lifted, most companies will not return to their usual way of life, and some will remain on a permanent “remote” basis.

Today, one of the most important factors for the stable functioning of a business is how sufficient the measures taken to ensure security will be in the conditions of the new “normal”.

Information security during self-isolation
Many companies switched to remote work as a denmark whatsapp data of urgency. The main requirement was to ensure the operability of the IT infrastructure and access to the information system so that the business would not stop and the company would continue to operate in the normal mode. For this purpose, temporary solutions were used, using non-optimal service connection schemes from the point of view of information security. Attention to information security was paid on a residual basis, since information security is a supporting process.

All this has led to a blurring of the external perimeter and increased opportunities for attackers. For example, according to Rostelecom-Solar, the number of services available via the RDP protocol increased by 15% in the first week of self-isolation alone, and the number of information systems brought to the external perimeter has also grown. Previously, these services were only available within the organization's network and were not subject to such a massive onslaught of password guessing attempts (brute force), exploitation of vulnerabilities for the purpose of penetration. Companies have installed new doors labeled "service entrance" without taking care to ensure their security or at least control, and now this has become a potential additional entry point for attackers.