Login
So you suddenly have a lot of staff working remotely. Telework is not new and a good percentage of the workforce already does so. But the companies who have a distributed workforce had time to plan for it, and to plan for it securely.
A Lot of New Teleworkers All At Once
This event can’t be treated like a quick rollout of an application: there are business, infrastructure, and customer security impacts. There will be an increase of work for help desks as new teleworkers wrestle with remote working.
Additionally, don’t compound the problem. There is advice circulating to reset all passwords for remote workers. This opens the door for increased social engineering to attempt to lure overworked help desk staff into doing password resets that don’t comply with policy. Set expectations for staff that policy must be complied with, and to expect some delays while the help desk is overloaded.
Business continuity issues will arise as limited planning for remote workers could max out VPN licenses, firewall capacity, and application timeouts as many people attempt to use the same apps through a narrower network pipe.
Help Staff Make A Secure Home Office
In the best of times, remote workers are often left to their own devices (pun intended) for securing their work at home experience. Home offices are already usually much less secure than corporate offices: weak routers, unmanaged PCs, and multiple users means home offices become an easier attack path into the enterprise.
It doesn’t make sense to have workers operate in a less secure environment in this context. Give them the necessary security tools and operational tools to do their business. Teleworkers, even with a company-issued device, are likely to work on multiple home devices. Make available enterprise licensed storage and sharing tools, so employees don’t have to resort to ‘sketchy’ or weak options when they exceed the limits for free storage on Dropbox or related services.
A Secure Web Gateway as a service is a useful option considering that teleworkers using a VPN will still likely be split tunneling (i.e. not going through corporate security devices when browsing to non-corporate sites, etc.), unlike when they are in the corporate office and all connections are sanitized. That is especially important in cases where a weak home router gets compromised and any exfiltration or other ‘phone home’ traffic from malware needs to be spotted.
A simple way to get this information out to employees is to add remote working security tips to any regularly occurring executive outreach.
Operational Issues
With a large majority of businesses switching to a work-from-home model with less emphasis on in-person meetings, we also anticipate that malicious actors will start to impersonate digital tools, such as ‘free’ remote conferencing services and other cloud computing software.
Having a policy on respecting telework privacy is a good preventative step to minimize the risk of this type of attack being successful. Remote workers may be concerned about their digital privacy when working from home, so any way to inform them about likely attack methods can help.
Any steps to prevent staff trying to evade security measures out of a concern over privacy are likely a good investment.
Crisis Specific Risks
During any major event or crisis, socially engineered attacks and phishing will increase. Human engineering means using any lever to make it a little bit easier for targets to click on a link.
We’re seeing targeted email attacks taking advantage of this. Some will likely use tactics such as attachments named “attached is your Work At Home Allowance Voucher,” spoofed corporate guidelines, or HR documents.
Sadly, we expect hospitals and local governments will see increased targeting by ransomware due the expectation that payouts are likelier during an emergency.
But Hang On – It Is Not All Bad News
The good news is that none of these attacks are new and we already have playbooks to defend against them. Give a reminder to all staff during this period to be more wary of phishing, but don’t overly depend on user education – back it up with security technology measures. Here are a few ways to do that.
|
|
The post Suddenly Teleworking, Securely appeared first on .
Typically, the International Consumer Electronics Show (CES) gives us a sense of where technology is going in the future. However, this year’s show was arguably more about technology catching up with how the COVID-19 pandemic has reshaped our lives. While gathering in person was not an option, we still had the opportunity to witness incredible technological feats virtually – primarily those meant to help us better adapt to the new normal.
From devices aimed at making the world more sanitary to new work-from-home solutions, here are some of the highlights from this year’s first ever virtual CES:
Every year, CES introduces a plethora of smart home devices aimed at making our lives easier. But now that our homes have expanded beyond where we live to function as a workplace and classroom, companies have developed new gadgets to improve our lives while we stay at home. In fact, the smart home market grew 6.7% from 2019 to 2020 to $88 billion and is expected to reach $246.42 billion by 2025.
This year, Kohler showed off voice control features for its sinks and other fixtures, so homeowners can turn on faucets without touching them. And while every CES is paved with an array of flashy new TVs, LG drummed up lots of excitement with its new 55-inch transparent TV that you can see through when it’s turned off.
From monitors to keyboards and Wi-Fi upgrades to charging stations, plenty of the gadgets coming out of this year’s show were designed to improve the remote work experience. Take Dell’s UltraSharp 40-inch Curved Ultrawide U4021QW Monitor, for example. Ultrawide is the functional equivalent of two 4K monitors side-by-side, but without the seam. Belkin and Satechi also brought their latest charging stations to CES 2021 to improve the home office, allowing users to charge multiple devices at once. With so many companies creating innovative devices to make our work-from-home lives more manageable in the long run, it’s clear that remote work is likely here to stay.
CES 2021 also brought us a whole new lineup of technology designed to help us monitor our health at home. Fluo Labs debuted Flō, a device that stops your body from releasing histamines when pollen, dust, and other allergens enter your body. HD Medical also introduced HealthyU, a device smaller than a GoPro that includes a seven-lead ECG, a temperature sensor, a pulse oximeter, microphones to record heart and lung sounds, a heart rate monitor, and a blood pressure sensor. HealthyU is designed for people with heart issues to keep tabs on their health every day and send that information to their doctors remotely. Not only will these devices enable us to take better care of ourselves if we can’t physically go to a doctor’s office, but they will also enhance our awareness of ourselves and our loved ones.
In 2020, we became hyper-aware of germs and how they can easily spread – one of those ways being on digital devices. While disinfecting these surfaces with an alcohol solution can help, many look to taking a different approach to avoid germ-spreading: touchless technology.
While no one technology can win the battle against the virus, many companies are doing their part to promote a cleaner, healthier future. For example, Plott built a doorbell called the Ettie that can take people’s temperature before they’re allowed to enter. Another company, Alarm.com, created a Touchless Video Doorbell to cut down on the transmission of bacteria and viruses that we otherwise often leave on places we touch. Kohler also built a toilet that flushes with the wave of a hand. As we head further into 2021 and beyond, be on the lookout for more voice-activated and touchless devices to help slow the spread of germs and help us live our lives free from worry.
We’ve become more reliant on technology than ever before to stay connected with loved ones from afar, work from home without missing a beat, participate in distance learning, and find new forms of digital entertainment. But with this increase in time spent online comes a greater risk of cyberthreats, and we must stay vigilant when it comes to protecting our online safety. Hackers continue to adapt their techniques to take advantage of users spending more time online, so we must educate and protect ourselves and our devices from emerging threats. This way, we can continue to embrace new technologies, while we live our digital lives free from worry.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post CES 2021: Highlights From the “Cleanest” Show Yet! appeared first on McAfee Blogs.
Distance and hybrid learning environments are now the norm, and it remains to be seen if or when this will change. To adapt, many schools have adopted new software to support remote classroom management.
One such platform is Netop Vision Pro, a student monitoring system that helps teachers facilitate remote learning. The software allows teachers to perform tasks remotely on students’ computers, such as locking their devices, blocking web access, remotely controlling their desktops, running applications, and sharing documents. However, the McAfee Advanced Threat Research (ATR) team recently discovered multiple vulnerabilities with Netop Vision Pro that could be exploited by a hacker to gain full control over students’ computers.
Let’s dive into these vulnerabilities and unpack how you can help protect your students in the virtual classroom.
Just like a school science project, our researchers created a simulation to test their hypothesis regarding the potential software bugs. The McAfee ATR team set up the Netop software to mimic a virtual classroom with four devices on a local network. Three devices were appointed as students, and one was designated as the teacher. During the setup, the team noticed that there were different permission levels between student profiles and teacher profiles. They decided to see what would happen if they targeted a student profile, since this would likely be the avenue a hacker would take since they could cause more damage. With their experiment set up, it was time for our researchers to get inside the mind of a cybercriminal.
While observing the virtual classroom, the ATR team discovered that all network traffic — including sensitive information like Windows credentials — was unencrypted with no option to turn encryption on during configuration. They also noticed that a student connecting to a classroom would unknowingly begin sending screenshots to the teacher.
Furthermore, the ATR team noticed that teachers would send students a network packet (a small segment of internet data) prompting them to connect to the classroom. With this information, the team was able to disguise themselves as a teacher by modifying their code. From there, they explored how a hacker could take advantage of the compromised connection.
The McAfee ATR team turned their attention to Netop Vision Pro’s chat function, which allows teachers to send messages or files to a student’s computer, as well as delete files. Any files sent by a teacher are stored in a “work directory,” which the student can open from an instant message (IM) window. Based on the team’s discovery that a hacker could disguise themselves as a teacher, it became clear that hackers could also use this functionality to overwrite existing files or entice an unsuspecting student to click on a malicious file.
Of course, remote learning software is necessary right now to ensure that our children stay on top of their studies. However, it’s important that we educate ourselves on these platforms to help protect our students’ privacy. While the Netop Vision Pro student screen shares may seem like a viable option for holding students accountable in the virtual classroom, it could allow a hacker to spy on the contents of the students’ devices. While the functionality allows teachers to monitor their students in real-time, it also puts their privacy at risk.
If a hacker is able to impersonate a teacher with modified code, they could also send malicious files that contain malware or other phishing links to a student’s computer. Netop Vision Pro student profiles also broadcast their presence on the network every few seconds, allowing an attacker to scale their attacks to an entire school system.
Finally, if a hacker is able to gain full control over all target systems using the vulnerable software, they can equally bridge the gap from a virtual attack to the physical environment. The hacker could enable webcams and microphones on the target system, allowing them to physically observe your child and their surrounding environment.
Our researchers reported all vulnerabilities discovered to Netop and heard back from the company shortly after. In the latest software release 9.7.2, Netop has addressed many of the issues the McAfee ATR team discovered. Students can no longer overwrite system files, which could be used take control of the student machine. Additionally, Windows credentials are now encrypted when being sent over the network. Netop also told McAfee that they have plans to implement full network encryption in a future update, which will prevent an attacker from easily monitoring student’s screens and prevent them from being able to emulate a teacher.
While Netop works to remedy these issues internally, there are some critical steps parents can take to help protect and empower your children in the virtual classroom. Check out the following tips to bring you and your family peace of mind while using third-party education platforms:
If your student is required to use Netop Vision Pro or other third-party software while distance learning, have them use this technology on a device strictly used for educational purposes. If the software contains any bugs, this prevents other important accounts used for online banking, emails, remote work, etc. from becoming vulnerable to the software risks.
It’s important to keep in mind that Netop Vision Pro was never intended to be internet-facing or taken off a school network. Let’s look at this scenario through the eyes of a hacker: they will likely try to take advantage of these vulnerabilities by delivering a malicious payload (parts of cyberattacks that can cause harm) or phishing attempts. To protect your students from these threats, utilize a comprehensive security solution like McAfee® Total Protection, which helps defend your entire family from the latest threats and malware while providing safe web browsing.
Educators want to keep their students’ best interest and safety in mind, so talk to your child’s teacher or principal if you ever have concerns regarding the software they are using for distance learning. If your student is required to use Netop, ensure that the teacher or principal is aware of the vulnerabilities listed above so they can be sure to administer the necessary software updates to keep your child and their classmates safe.
A simple yet affective way to prevent hackers from spying on you and your family is to use a webcam cover for when class is not in session. Instruct your student to place a cover over their camera when they are not using it to bring you and your student greater peace of mind.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Keep Remote Classes Safe and in Session: What You Need to Know About Netop Vision Pro appeared first on McAfee Blogs.
Advancements in cloud solutions and collaboration tools in recent years, coupled with the necessity of going remote due to the pandemic, have empowered today’s workforce to choose where they want to work. While the ability to work from anywhere—home, the library, coffee shops or even the beach– gives employees increased flexibility, the shift from the traditional office setting has exposed security and logistical concerns. Remote workers often access sensitive information from unsecured devices and networks, which can result in compromised data and failed privacy compliance. It’s essential for remote workers to practice online safety to minimize the cybersecurity risks to their organizations.
It’s undeniable that the freedom to work from anywhere is an employee perk that organizations must adapt to. Here’s a breakdown of some of the risks of working remotely and what companies can do keep their sensitive information secure, even when outside the safety of their four walls:
Office closures and working-from-home mandates due to COVID-19 permanently changed the way we look at workplace connectivity. A recent Fenwick poll among HR, privacy, and security professionals across industries noted that approximately 90% of employees now handle intellectual property, confidential, and personal information on their in-home Wi-Fi as opposed to in-office networks. Additionally, many are accessing this information on personal and mobile devices that often do not have the same protections as company-owned devices. The elevated number of unprotected devices connected to unsecured networks creates weak areas in a company’s infrastructure, making it harder to protect against hackers.
One technology your organization should be especially diligent about is video conferencing software. Hackers can infiltrate video conferencing software to eavesdrop on private discussions and steal vital information. Many disrupt video calls via brute force, where they scan a list of possible meeting IDs to try and connect to a meeting. Others seek more complex infiltration methods through vulnerabilities in the actual software. Up until recently, Agora’s video conferencing software exhibited these same vulnerabilities.
Hackers will usually try to gain access to these network vulnerabilities by targeting unsuspecting employees through phishing scams which can lead to even greater consequences if they manage to insert malware or hold your data for ransom. Without proper training on how to avoid these threats, many employees wouldn’t know how to handle the impact should they become the target.
Whether you’re connecting from home or from another remote location, it’s critical to practice the same level of care as you would in the office. Here are some quick and essential security safety habits every remote employee should practice.
Phishing is one of the most common methods hackers will deploy to target unsuspecting employees to access sensitive data. In fact, over 63% of Canadian IT executives in a recent poll indicated that ransomware and phishing were the top security concerns for their organizations. Here are some ways you can spot a phishing scam:
Ensure you understand your company’s policies and confidentiality agreements when it comes to sharing files, storing documents, and other online communications. Use company-approved cloud applications that follow strict security standards to avoid inadvertently exposing sensitive company information through unsecured means. This measure can also apply when using video conferencing software. Limit the amount of sensitive information shared via video conferencing platforms and through messaging features just in case uninvited hackers are eavesdropping.
We may have brought work home with us, but nonetheless, we must strive to maintain a work/life balance and set boundaries between our personal and work life. Setting these boundaries makes it easier to separate the technology we use in our life as well. Avoid sharing your company’s devices with family members who are not aware of the best security practices, especially children. Also, keep personal accounts separate from company accounts to prevent sharing information through personal channels.
Given the flexibility to truly work from anywhere, ensure you are connected to a secure network when not connected to your home’s password-protected Wi-Fi. When connecting to an unfamiliar network, always use a VPN to encrypt data and safely share files across the internet, preferably the one your company uses, or check with your IT resource. Take preemptive measures to mitigate exposure by installing antivirus software and firewall protection to scan files and systems and protect against harmful viruses regularly.
While the COVID pandemic has sparked a remote work movement that has changed the way we look at the conventional workplace—introducing greater flexibility and the opportunity to work from anywhere—remote work is well on its way to becoming a permanent fixture in the lives of many. However, the number of employees dispersed across cities and even countries have made it more difficult to secure endpoint devices such as laptops and mobile devices. Moreover, the risk posed by unsecured networks only increases the vulnerabilities of remote workplaces. As more workplaces embrace the benefits of a fully remote workforce, we will need to give more thought to how we can facilitate a secure workplace that is collaborative yet protected. By increasing awareness of potential cyber threats and enhancing security standards for devices and home networks, we can begin to create a safer and more efficient workplace.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post How to Stay Connected and Protected in a Remote Work Environment appeared first on McAfee Blogs.
Learning environments are not what they used to be, and as educational institutions deploy new technology to facilitate a safe and effective remote learning environment, their cyber vulnerabilities also increase. Canadian schools especially have seen a rise in ransomware attacks with the transition to online learning, opening the door for hackers to exploit student data and sabotage academic research. To combat the rising cybersecurity concerns, educators need to implement new measures to uphold secure and efficient distance learning environments without allowing student data and privacy to hang in the balance.
Limiting disruptions remains a high priority for educators as they discover how to manage their remote classrooms. Although many teachers are familiar with supplemental technologies such as tablets and online programs, it’s another matter entirely to be completely dependent on them to support a fully virtual classroom. When investing in online learning tools, educational institutions should not allow their concern for efficiency to overshadow an equally important requirement: safety.
The education sector has seen its fair share of cybersecurity attacks since the widespread shift to remote classrooms. According to Microsoft, the global education industry has the most malware attacks, even more than prominent industries such as business, finance, and healthcare. K-12 schools especially have experienced an uptick in ransomware and Distributed Denial of Service (DDoS). Many Canadian schools are experiencing cyber security incidents, damaging the integrity of their student data and privacy. With hackers consistently seeking to take advantage of the vulnerabilities in new technology, this prompts further discussion into why education is such a highly targeted industry.
The rapid shift to remote learning is an obvious culprit for the increasing threat level, but higher education institutions were already vulnerable before the pandemic. Many students simply lack the proper security awareness when using their online devices. In Morphisec’s CyberSecurity Threat Index, more than 30% of higher education breaches were caused by students falling victim to email scams, misusing social media, or other careless online activities. Budgetary constraints are also to blame for increasing online attacks, as many schools lack adequate funding to support a robust cybersecurity infrastructure. Cybercriminals recognize the vast amount of student data that schools have on record, and this incentivizes them further to infiltrate their systems.
Many of the new remote learning technologies introduced during the pandemic have exposed the risks associated with a lack of stringent security measures. For example, until recently, Agora’s video conferencing software exhibited a vulnerability that would have allowed hackers to spy on video and audio calls. With a growing number of students accessing remote learning technologies through their schools’ networks, it’s especially critical for schools to re-evaluate their security protocols to safeguard their students.
Schools at all levels need to proactively secure their digital technologies and safeguard their students’ data integrity. With the right approach, students and educators can mitigate the risks of cyber threats. Here are four critical cybersecurity steps that schools should take immediately:
It only takes one person to allow a hacker to infiltrate a school system. Digital security training is a must to ensure that students and faculty can recognize and take the appropriate action for suspicious activities like phishing emails. For example, a common cyber threat is when hackers pose as school officials asking for important information such as tax information or identification information.
Since many of the learning technologies on the market are new to students and staff, it’s especially critical to understand the implications of a security breach and the necessary steps to mitigate risks.
2.User Access Control
The principle of “least privilege” can also help avoid a cyber attack. This principle only allows users access to data and systems on a need-to-know basis and can mitigate data breaches that occur via unauthorized or unnecessary access. Hackers often try to infiltrate lower-level devices and accounts as a way to gain access to higher-value accounts and systems. Schools can take action by optimizing a list of what users have access to, which functions they have access to, and why. Ensuring that users have access to only what they need will limit attacks to smaller areas of the system and help protect the security ecosystem as a whole.
An often overlooked but critical cybersecurity protocol is having a robust password management policy. These policies must also be in accordance with provincial and territorial legislation, which set guidelines and rules that govern how students and faculty use their devices and online learning technologies. Password management policies that encourage strong passwords and multi-factor authentication are essential to prevent password sharing and unrestricted access.
Third-party technology vendors have become an integral component of distance learning, but they are also a vulnerability. Educational institutions need to ensure that they are properly managing their technology vendors so their students’ safety is prioritized above all else. Undergoing a thorough vetting process to evaluate third-party technology, as well as vendors’ terms and conditions, will help identify any security gaps that can create greater issues down the road.
The ascendance of distance learning during the pandemic has given educators, students, and parents new insights into both the opportunities and challenges of not being in a physical classroom. One of the most critical is the importance of creating safe and secure virtual environments to ensure that students are safe. Despite the benefits that education technology provides, without proper training or technical safeguards in place, schools and students are left vulnerable to the dangers of external threats. By enhancing awareness of cyber threats and implementing a strong security strategy, educators and parents can start creating safer learning environments for students to thrive.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post Prioritizing Security in a Remote Learning Environment appeared first on McAfee Blogs.
This fall, many students are headed back-to-school full time. However, just as workplaces now accommodate for remote work, schools are accommodating hybrid learning environments. While this may signal the end of things like snow days, it’s also created a new, more flexible style of learning that relies on computers, online connectivity, and apps to connect students with teachers and learning resources. It’s also a trend that’s not without risk, as evidenced by the more than 900 cybersecurity incidents, including personal data breaches, since 2016, according to the K-12 Cybersecurity Resource Center. This new style of learning comes with many implications for cybersecurity that we’ll discuss below, along with ways to protect learners and students of all ages.
Cameras and video conferencing software have become an integral part of the online learning experience. In the early days of 2020, we saw growing pains in the form of Zoom bombing, unintended sharing, and, on the lighter side, people learning to use fake backgrounds with hilarious consequences. And while many of these wrinkles have been smoothed out, for online learners, the fact remains that privacy is at risk anytime they use a camera.
Younger students:
Older students:
The good news is that while we’re all navigating the new world of learning online, there are more tools than ever to help you do so safely. A comprehensive security suite, like one of McAfee’s products, contains many of these security tools in one package, including tools for:
Younger students:
Older students:
Your child or teen’s portal to their online classroom is an important investment. After all, you’ll want them to be able to connect securely, communicate easily, and be able to handle any kind of online work they may need to do. Depending on the age of your child, this device may also have to be bomb-proof. Don’t worry some experts have already done the thinking for you with this list of computers for online learners.
There are many apps being used to facilitate online learning. And chances are, students will have to register, log-in, and provide identification. Regardless of age, here’s what NOT to provide.
Younger students:
Older students:
When students are learning in-person, the concept of being a good citizen is one that’s reinforced in the classroom and on the playground. Online, as students use forums, chats, and even social media to communicate, the concept of digital citizenship is just as important.
There’s a reason elementary schools have recess and high schools have lunch breaks. It gives kids time to step away from the books, stretch their legs, and refresh their minds. The same concept applies with online learning.
Younger students:
Older students:
For more extensive information about any of the recommendations above, please visit these resources.
The post 7 Safety Tips to Schooling in a Digital World appeared first on McAfee Blogs.
As the new school year gets underway, many students will be returning to the classroom in-person, while others will opt to continue hybrid or remote learning indefinitely. Unfortunately, for families choosing the latter, remote learning could come at the expense of their online privacy.
According to the RAND Corporation’s 2020 research report, one in five U.S. school districts plan to offer online learning even after the pandemic ends. Many school districts are waiting to review the Centers for Disease Control (CDC) latest recommendations. Either way, there’s no better time for a data privacy refresh.
Protecting your child’s privacy while remote learning requires a three-part investment of parents, students, and schools. One of the first steps in that direction is to understand your district’s privacy practices. To do that, ask to take a closer look at its approach to data consent, secondary data use, as well as its data collection and retention practices.
According to The Center for Democracy and Technology, there are five areas where schools may put a child’s privacy at risk.
Using student data to assess needs and launch connectivity and device programs can pose a privacy risk.
Ask: To assess overall digital access, the school collected my child’s data. How will that data be used?
Sharing student data with third parties, such as broadband and device providers, is a common practice that can pose a privacy risk.
Ask: To connect my remote learner, the school shared my child’s data with the provider. Can the school ensure that data will be used by the third-party responsibly? May I view the data use policy?
Schools now have apps that allow teachers to monitor student progress.
Ask: With more teacher access to student devices and desktops, how can the school ensure that my child’s other data is secure?
Ongoing security and device management requirements should be established to avoid viruses and malicious activity.
Ask: What security measures are in place on school-owned devices to protect my child’s content or personal information? Will my child’s activity be tracked?
A lack of digital literacy and security knowledge on the part of students, families and even schools can put a child’s privacy at risk.
Ask: What digital literacy resources or training do you offer teachers, staff, students and families?
One sign your child’s privacy is in good hands is if your school has a solid Data Governance Policy (DGP) that staff, teachers, and students follow. A DGP establishes schools processes and structures for overseeing the school’s approach to management, usability, availability, quality and security of data and technology.
Going a step further, a privacy-aware school will engage students, families, teachers, and administrators (and even third-party providers) about the importance of data use and closing privacy gaps.
Rather than make assumptions, discuss what privacy is with your child. For example, with more time online, consider parental controls to filter risky content. Likewise, talk to your child about how to identify phishing scams and consider investing in security software that scans for malware and untrusted sites.
If your child uses video apps such as Zoom to connect remotely, be sure that personal information—such as birthdate, address, photographs, or a nickname—isn’t accidently visible in the background.
Whether your child uses Zoom, a chat app, website or another EdTech platform for learning, set privacy settings to provide maximum protection. Following the directions under “settings” of any new app are fast and easy.
Under FERPA, the Family Educational Rights and Privacy Act, schools must notify you of your right to opt out of Directory Information at the start of the school year. Don’t opt-out? Schools can share Directory Information about their child with third parties without parental or student consent.
If we could point to a positive consequence of the pandemic, it would be that with the sudden spike in connectivity during quarantine, data privacy concerns became more prevalent than ever—that shift deserves an A+. Moving forward, it’s critical for parents and schools to work together to create practices that protect online privacy for all students—on-site or remote.
The post Back-to-School: Privacy Worries in a Remote Learning World appeared first on McAfee Blog.
For Cisco engineers working on Duo, having a remote-first workplace has helped them reach life goals, connect with colleagues around the world, and be intentional communicators. We understand that working remotely can be an adjustment — that’s why we’ve compiled the 10 parts of remote work that surprised our team members most and their advice for navigating the nuances. If you’re interested in being part of a remote-first workplace, check out our open positions.
Senior Engineering Leader David Rines has worked remotely for the past seven years. He’s found that Cisco’s approach to distributed teams has “enabled us to pick up the right talent, and not necessarily local talent. We are moving towards a global, follow the sun environment,” he said.
One of the aspects Rines appreciates most of this structure is getting “a widely varied set of perspectives and experiences that help build a more reliable, more robust product, which is why we’re here.”
Another benefit to having colleagues across the globe is the sharing of recipes, a perk Senior Site Reliability Engineer Bernard Ting particularly enjoys. Proactively communicating with colleagues virtually “helps you to form bonds with people from other teams. You can always learn something new about cultures elsewhere. I talk to people about food and so I’m always gathering recipes from people from all over the world,” Ting shared.
While some may fear that working remotely could lead to feelings of isolation and loneliness, a different camaraderie can flourish in the structure of our distributed teams. With colleagues across time zones, “there’s always someone there who you can reach out to help solve your problem,” Rines said.
Collaboration hours are another way Site Reliability Engineering Manager Jaya Sistla has cultivated virtual community and problem-solving. These hours are blocked off for team members to talk about what they’re working on. “The main thing is being able to ask for help so you don’t go into the rabbit hole debugging things,” Sistla said.
Ting points out that working in a distributed model allows you to really engage in virtual events and conversations. Given that the team mainly communicates through online chat, Ting has found that “forces you to see everyone as equally approachable, which has made me more comfortable reaching out to people from anywhere in the world.”
For folks sharing an office, collaboration can happen through casual chats over coffee. When facing a challenge, you can ask your neighbor for support. While ideally virtual communication could have a similar cadence and spontaneity, the logistics of remote and distributed work require intentionality and being proactive in connecting with colleagues as people and as co-workers.
When Ting first started working remotely, he felt that every meeting needed to be formal and have a business objective. By sharing his feelings with his manager, he was reassured that “socializing is a very important part of teamwork, because if you don’t have a good relationship with your colleagues you’re not going to be able to have healthy discussions, healthy conflict or be able to critique each other when the situation arises.”
Since that conversation, Ting has been more proactive about catching up with colleagues, which can include sharing a coffee over video chat. Duo’s “coffee roulette” formalizes the process as every month, employees who opt in can be randomly paired up for a quick half-hour chat focused exclusively on socializing. Ting has found being proactive about socializing virtually helpful. “It’s made me more intentional with my time and really treasure the social experience you can get,” he said.
Some folks may be concerned that without a manager observing their efforts and work ethic day in and day out, it may be harder to recognize accomplishments and challenges. Ting found that within his team “when you work on projects and in your one-on-ones with your managers, they’re always very intentional about learning what you’ve been doing and seeing what your progress is like on certain projects. I’ve been asked, ‘How do you think you can improve? What are some of the things you’ve been doing outside of the team work?’”
To cultivate cross-team collaboration and education, there are thoughtfully planned virtual lunch and learns. “We schedule training sessions and common meetings at times that are flexible for everyone. If it has to be repeated, we do it so people can comfortably attend rather than stretching themselves and attending at odd hours,” Sistla said.
For Software Engineer Nick Aspinall, an important and fun part of working remotely is keeping in touch with virtual messaging. One unique perk has been getting to create and customize emojis with team members including a few of himself in “various ridiculous states,” he said.
Connecting with colleagues on themed channels focused on personal and professional interests from coffee to pets “makes it really cool because you can meet people across different teams and still get some of the feeling of rubbing elbows that you get when you’re in the office,” Aspinall said. Participating in these virtual conversations boosts morale while also providing an endless supply of cute animal pics.
Given the multi-faceted nature of our work and the importance of consistent information sharing, having different communication channels and formats to communicate data with varying degrees of complexity is vital. Having information readily accessible, accurate and updated is particularly necessary in a field like cybersecurity.
Senior Software Engineer Mario Lopez finds that the variety of information sources contributes to an easeful remote working experience. For instance, for complex architecture decisions or detailing, Duo’s Wiki is the best source.
Software Engineer Hanna Fernandez has benefited from chat channels dedicated to design and engineering topics to “see what everyone’s up to and what thoughts people have,” she said. Sista pointed out these are great places to ask questions and open up dialogue to solve problems.
Our culture is “video-on,” meaning that it is preferred that during video meetings, as much as possible, attendees have their cameras on. Lopez loves this because “you get a bit of that personal human element.”
“We’re all people behind these screens. You definitely get some of people’s personality through text, but you get it more when you actually see them. It’s infectious when you see someone smiling. You’ve got to smile back,” he shared (while we both smiled).
When Fernandez started at Cisco, she was advised to schedule individual meetings with everyone she would be working with on every team that she joined. That suggestion is one she’s applied even virtually.
“It’s a great strategy because I already know that my team is super talented and very smart, but this way I also get to know them as humans beyond their roles,” Fernandez said. Fernandez also finds it important to check in with co-workers and ask how they’re feeling and how their time off was. “I know a lot of people hate small talk, but it’s not just small talk. I’m genuinely interested in how my co-workers are doing.”
One of Ting’s biggest goals was buying his first house in the countryside outside of London. By working remotely, Ting has flexibility in his location which allowed him to achieve his goal of buying a house and settling down with his partner, while giving their dogs the space they need to be dogs.
When transitioning from fully remote to hybrid, it’s important to recognize that there will be some shifts to get accustomed to. As the structures of remote, distributed and hybrid work evolve, it’s important to stay flexible and notice what’s possible through multiple modalities of team building. Many teams have enjoyed in-person gatherings and connecting through virtual lunches and team games when remote.
Fernandez has had multiple roles with multiple structures at Cisco. As an intern, she was fully in person and shared desk space with other interns who collaborated on full stack engineering. While working in finance IT, Fernandez was hybrid and many of her colleagues were distributed among multiple offices. The pandemic began while she was in a DevOps role, forcing her to maintain boundaries around her work time while working fully remotely. In her current role working on Duo, Fernandez is completely remote but advocates for in-person events if possible, because “humans are social creatures who want to see each other’s faces in real life once in a while.”
For Aspinall, “when we did come back to the office, there was a bit of an adjustment period where you were overstimulated from the office.” He also wanted to ensure team members who were 100% remote were fully included. Now he sees that while half his team is fully remote and the other half is hybrid, “that doesn’t stop anyone from doing anything. All of our meetings feel the same. They’re all seamless.”
If you’re interested in joining our team from wherever you are in the world, check out our open roles.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Related tags
FreshRSS