Ensuring the security of confidential company information during remote access of an employee
DOI:
https://doi.org/10.47813/2782-2818-2023-3-2-0234-0242Keywords:
remote work, secure access, confidential information, data encryption, multi-factor authentication, VPN, monitoring and auditing, employee educationAbstract
The rapid growth of remote work has introduced new challenges and concerns regarding the security and confidentiality of company information. With employees accessing sensitive data from various locations and devices, ensuring the protection of confidential information has become a critical priority for organizations. This article examines the challenges associated with secure access to confidential company information in a remote work environment and explores potential solutions and best practices. The first challenge lies in establishing a secure connection between remote employees and the company's network. Virtual Private Networks (VPNs) have emerged as a widely adopted solution for encrypting data transmissions and providing secure remote access. However, organizations must carefully configure and maintain their VPN infrastructure to mitigate vulnerabilities and protect against unauthorized access. Another critical challenge involves user authentication and authorization. Traditional password-based authentication mechanisms are increasingly vulnerable to sophisticated attacks, necessitating the adoption of multi-factor authentication (MFA) techniques. MFA combines multiple factors, such as passwords, biometrics, and security tokens, to strengthen access controls and verify the identities of remote employees. Data encryption plays a crucial role in safeguarding confidential information during transit and storage. Advanced encryption algorithms and robust key management systems are essential to prevent unauthorized access to sensitive data. Additionally, organizations should enforce strong security policies, such as regular password changes and data classification protocols, to further enhance data protection. Moreover, employee education and awareness are critical components of a comprehensive security strategy. Organizations should provide regular training on secure remote work practices, emphasizing the importance of strong passwords, secure Wi-Fi networks, and phishing prevention. By addressing the challenges associated with secure access to confidential company information in a remote work environment and implementing appropriate solutions and best practices, organizations can significantly enhance their information security posture and protect sensitive data from unauthorized access.
References
Сухостат В. В. Теория информационной безопасности и методология защиты информации. СПб: Университет ИТМО; 2018.
Хорев А. А. Организация защиты информации от утечки по техническим каналам. М.: МО РФ; 2017. 316.
Мухаметьянова А. Р. Особенности защиты информации на предприятии от утечки по техническим каналам. Уфа: Башкирский гос. ун-т; 2019. 56.
Нуриев С. А., Карцан И. Н. Роль пространственной киберинфраструктуры в геоинформационных системах. E3S Web of Conferences. 2023; 389: 04023. doi.org/10.1051/e3sconf/202338904023
Карцан И. Н., Контылева, Е. А. Глубокий интернет вещей. Современные инновации, системы и технологии. 2023; 3(2): 0201-0212. https://doi.org/10.47813/2782-2818-2023-3-2-0201-0212
Maddox A., Barratt M.J., Allen M., Lenton S. Constructive activism in the dark Web: Cryptomarkets and illicit drugs in the digital demimonde. Inf., Commun. Soc. 2016; 19(1): 111-126.
Аверьянов В.С., Каричев А.А., Карцан И.Н. Об атаках с явным исходом динамических переменных и криптостойкости ключей безопасности квантовых систем. Математические методы в технологиях и технике. 2022; 12(1): 29-34.
Жуков А.О., Карцан И.Н., Аверьянов В.С. Кибербезопасность Арктической зоны. Информационные и телекоммуникационные технологии. 2021; 51: 9-13.
Mishra P., Pilli E.S., Varadharajan V., Tupakula U. Intrusion detection techniques in cloud environment: A survey. J. Netw. Comput. Appl. 2017; 77: 18-47.
Chang D., Ghosh M., Sanadhya S.K., Singh M., White D.R. FbHash: A new similarity hashing scheme for digital forensics. Digit. Invest. 2019; 29: S113-S123.
Ahmed M., Mahmood A.N., Islam M.R. A survey of anomaly detection techniques in financial domain. Future Gener. Comput. Syst. 2016; 55: 278-288.
Жукова Е.С., Карцан И.Н. Обеспечение конфиденциальности информации в центре управления полетами. Вестник Сибирского государственного аэрокосмического университета им. академика М.Ф. Решетнева. 2009; 3(24): 93-97.
Карцан Р.В., Жукова Е.С., Карцан И.Н. Универсальное программное обеспечение по типу «Каркас». Актуальные проблемы авиации и космонавтики. 2012; 1(8): 356-357.
Карцан Р.В., Карцан И.Н. Дактилоскопия биометрический метод идентификации на режимном предприятии. Актуальные проблемы авиации и космонавтики. 2013; 1(9): 405-406.
Гурьянов К.В., Шатило Я.С. Организация противодействия распространению наркотиков через интернет. Антинаркотическая безопасность. 2016; 1(6): 101-108.
REFERENCES
Suhostat V. V. Teoriya informacionnoj bezopasnosti i metodologiya zashchity informacii. SPb: Universitet ITMO; 2018.
Horev A. A. Organizaciya zashchity informacii ot utechki po tekhnicheskim kanalam. M.: MO RF; 2017. 316.
Muhamet'yanova A. R. Osobennosti zashchity informacii na predpriyatii ot utechki po tekhnicheskim kanalam. Ufa: Bashkirskij gos. un-t; 2019. 56.
Nuriev S. A., Karcan I. N. Rol' prostranstvennoj kiberinfrastruktury v geoinformacionnyh sistemah. E3S Web of Conferences. 2023; 389: 04023. doi.org/10.1051/e3sconf/202338904023 DOI: https://doi.org/10.1051/e3sconf/202338904023
Karcan I. N., Kontyleva, E. A. Glubokij internet veshchej. Sovremennye innovacii, sistemy i tekhnologii. 2023; 3(2): 0201-0212. https://doi.org/10.47813/2782-2818-2023-3-2-0201-0212 DOI: https://doi.org/10.47813/2782-2818-2023-3-2-0201-0212
Maddox A., Barratt M.J., Allen M., Lenton S. Constructive activism in the dark Web: Cryptomarkets and illicit drugs in the digital demimonde. Inf., Commun. Soc. 2016; 19(1): 111-126. DOI: https://doi.org/10.1080/1369118X.2015.1093531
Aver'yanov V.S., Karichev A.A., Karcan I.N. Ob atakah s yavnym iskhodom dinamicheskih peremennyh i kriptostojkosti klyuchej bezopasnosti kvantovyh sistem. Matematicheskie metody v tekhnologiyah i tekhnike. 2022; 12(1): 29-34. DOI: https://doi.org/10.52348/2712-8873_MMTT_2022_12_29
Zhukov A.O., Karcan I.N., Aver'yanov V.S. Kiberbezopasnost' Arkticheskoj zony. Informacionnye i telekommunikacionnye tekhnologii. 2021; 51: 9-13.
Mishra P., Pilli E.S., Varadharajan V., Tupakula U. Intrusion detection techniques in cloud environment: A survey. J. Netw. Comput. Appl. 2017; 77: 18-47. DOI: https://doi.org/10.1016/j.jnca.2016.10.015
Chang D., Ghosh M., Sanadhya S.K., Singh M., White D.R. FbHash: A new similarity hashing scheme for digital forensics. Digit. Invest. 2019; 29: S113-S123. DOI: https://doi.org/10.1016/j.diin.2019.04.006
Ahmed M., Mahmood A.N., Islam M.R. A survey of anomaly detection techniques in financial domain. Future Gener. Comput. Syst. 2016; 55: 278-288. DOI: https://doi.org/10.1016/j.future.2015.01.001
ZHukova E.S., Karcan I.N. Obespechenie konfidencial'nosti informacii v centre upravleniya poletami. Vestnik Sibirskogo gosudarstvennogo aerokosmicheskogo universiteta im. akademika M.F. Reshetneva. 2009; 3(24): 93-97.
Karcan R.V., Zhukova E.S., Karcan I.N. Universal'noe programmnoe obespechenie po tipu «Karkas». Aktual'nye problemy aviacii i kosmonavtiki. 2012; 1(8): 356-357.
Karcan R.V., Karcan I.N. Daktiloskopiya biometricheskij metod identifikacii na rezhimnom predpriyatii. Aktual'nye problemy aviacii i kosmonavtiki. 2013; 1(9): 405-406.
Gur'yanov K.V., SHatilo YA.S. Organizaciya protivodejstviya rasprostraneniyu narkotikov cherez internet. Antinarkoticheskaya bezopasnost'. 2016; 1(6): 101-108.
Downloads
Published
How to Cite
Conference Proceedings Volume
Section
License
Copyright (c) 2023 S. A. Nuriev, I.N. Kartsan
This work is licensed under a Creative Commons Attribution 4.0 International License.
The journal MIST - "Modern Innovations, Systems and Technologies" publishes materials under the terms of the Creative Commons Attribution 4.0 International (CC BY 4.0) license, hosted on the official website of the non-profit corporation Creative Commons:
This work is licensed under a Creative Commons Attribution 4.0 International License.
This means that users can copy and distribute materials in any medium and in any format, adapt and transform texts, use content for any purpose, including commercial ones. At the same time, the terms of use must be observed - an indication of the author of the original work and the source: you should indicate the output of the articles, provide a link to the source, and also indicate what changes have been made