Högskolan i Skövde

his.sePublikationer
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Cybersecurity in home-office environments: An examination of security best practices post Covid
Högskolan i Skövde, Institutionen för informationsteknologi.
2023 (Engelska)Självständigt arbete på avancerad nivå (masterexamen), 20 poäng / 30 hpStudentuppsats (Examensarbete)
Abstract [en]

The rapid growth of remote work has brought new challenges in ensuring cybersecurity in home-office environments. Based on a structured literature review and semi-structured interviews with industry professionals, this study investigates and identifies cybersecurity best practices for home-office environments post Covid and aims to fill existing research gaps by providing valuable new insights. Ultimately, the findings can support organizations and individuals to improve their cybersecurity posture when working from home. 

The findings from the literature review and interviews were merged and presented as consolidated themes, being the main results and contributions of this thesis. Furthermore, the results are reviewed in comparison to two well established standardized frameworks, ISO270001/2 and NIST CSF. The results highlight the importance of implementing easy-to-use functions for employees to report phishing attempts, avoid shaming those who have fallen victim for phishing  attacks and instead learning from their gained knowledge, reviewing and updating VPN configurations to withstand attacks specifically targeting VPN connections, enforcing as much security as possible and including what cannot be enforced in awareness raising programs and training, implementing Multi-Factor Authentication (MFA) via authenticator apps instead of via text-message based methods, and comprehensive security awareness training that is up to date with current trends in cyberattacks and risks. Physical security aspects differ between on-site offices and home-office environments and companies need to take this into consideration and raise awareness to their employees on the risks with working from home. Furthermore, companies need to raise awareness about the risks of using outdated or unsecured devices for work, plug-and-play devices such as routers with pre-configured passwords provided by network providers, and co-living scenarios such as flatmates overhearing sensitive work calls. 

While the reviewed frameworks include guidance in terms of controls for remote work, they do not address the specific case of home-office environments. Existing best practices predominately focus on remote work and while many of them can be useful for home-office work, they are two different strategies and thus differ in terms of risks and threat landscape. With the undeniably huge impact Covid has had on work life, sending complete workforces to their homes, best practices need to be updated by taking the specific challenges of home-office environments into account. 

Since the cyber threat landscape and attack methods continuously change and adapt, conducting an impact assessment of this study’s findings to evaluate their long-term effectiveness and sustainability would be a suitable suggestion for future work to extend this research. 

Ort, förlag, år, upplaga, sidor
2023. , s. 53
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
URN: urn:nbn:se:his:diva-22939OAI: oai:DiVA.org:his-22939DiVA, id: diva2:1779054
Ämne / kurs
Informationsteknologi
Utbildningsprogram
Integritet, informationssäkerhet och cybersäkerhet - masterprogram, 120 hp
Handledare
Examinatorer
Tillgänglig från: 2023-07-03 Skapad: 2023-07-03 Senast uppdaterad: 2023-07-03Bibliografiskt granskad

Open Access i DiVA

fulltext(923 kB)391 nedladdningar
Filinformation
Filnamn FULLTEXT01.pdfFilstorlek 923 kBChecksumma SHA-512
6cd0f7306f009e7317d12aca5f27f6419ddb4356f2ead1cf9514637e03bc8d61ea578dc29f9eafaf5203fade996f71f47112772a6f9015314d45fe4c21370f4d
Typ fulltextMimetyp application/pdf

Av organisationen
Institutionen för informationsteknologi
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning

Sök vidare utanför DiVA

GoogleGoogle Scholar
Totalt: 391 nedladdningar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

urn-nbn

Altmetricpoäng

urn-nbn
Totalt: 1504 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf