Segurización del puesto de trabajo: entorno nube y conexión remota

Abstract

Since many decades ago, information systems have become a key piece for organizations, public or private, getting even the status of business core for some of them. Today, each govern or corporate entity has a backbone information system to hold its communications, supporting processes and governing data. In fact, these systems have helped entities to keep business continuity during the difficult period the humankind has (and still is) faced due to the global COVID-19 pandemic and, in some cases, even grow the business. This brand new paradigm has brought not just benefits and positive effects, but also a huge growth of cybercrime, causing many times a remarkable impact in organizations finances or reputation. Taking the advantage of the restrictions and telecommuting increasing caused by the pandemic, since early 2020, cyberattacks have skyrocketed its numbers and results. As the security manufacturer Checkpoint highlights on his “Cyber Attack Trends: 2021 Mid-Year Report” [1], cyberattacks addressed to organizations have globally grown in 29% during the first half of 2021, specifically for EMEA as the most affected region (they have grown a 36%). Ransomware and supply chain attacks have registered the highest growth due to the rush in deploying remote non-secured connection for workers. Kaseya and Colonial Pipeline attacks showed the damage these attacks can do, not just to the target organizations but also to clients or partners. It is important to keep in mind that many of these attacks find their origin in less relevant incident related to individuals, obsolete systems, non-secure passwords or unattended subnets within the organization’s network. One of the most used ways to get access is to get advantage of the rawness or naivety of some users who do not have deep tech knowledge because they do not need it to perform their work. As the vol. 6 of “Spear Phishing Report” from Barracuda Network states, in July 2021 [2], an average organization receives around 700 social engineering attacks per year. It is the aim of this document to design a properly secured workplace able to face any threat or manage possible attacks successfully that could happen in the current and future telecommuting scenario. The scope of this document is limited to a specific scenario, focused on Microsoft technologies due to its broad market penetration in principal systems like operative systems (Windows and Windows Server) and cloud services (Office 365 and Azure).