日常的生活方式由習慣堆砌而成，迫於全球新冠疫情，人們的工作方式和生活型態也開始有了新的常態（new normal）。然而，多數企業組織對於這樣的轉變並沒有足夠的經驗，以至於沒有相對完善的對策及規劃。礙於疫情關係，許多企業員工開始居家辦公，不過，並非所有企業都可以提供員工居家辦公（work from home）的電腦設備，許多人被迫使用家裡的電腦，也因此產生新的資安破口。

居家辦公的資安隱憂

並非所有人都從事科技相關行業，對資安的認識也不見得足以應付新的挑戰，即使是在雲端或資安領域的專業工作者，遭逢疫情的衝擊而被迫使用私人電腦辦公，通常不會意識到這樣的改變所可能面臨的風險與威脅，例如：上網時執行自動儲存密碼、家中成員不知不覺造訪不安全的網站、下載遭病毒感染的檔案、使用久未更新或缺乏資訊安全的軟體等，這些行為可能會讓公司遭到勒索病毒攻擊，也讓公司的重要資料暴露在極高的風險中。

因此，企業的 IT 部門開始嘗試制定新的資安政策規範，告訴員工居家辦公時什麼可以做，什麼不能做。Paul Valle 為 Security Boulevard 寫的一篇文章中提到：「企業實施居家辦公後，無法如以往的方式部署資安政策規範，所以溝通和不斷地宣導變得極為重要。不要點擊可疑連結、確保系統和掃毒軟體及應用程式定期更新或修補、不要透過私人帳號傳送公司的敏感資訊等」。[1]

新常態下的資安防護建議

許多人不是未意識到平常使用習慣的重要性，就是不確定如何才能最大幅地減少他們在私人電腦上工作時的安全漏洞。這樣的情況下，IT 管理人員雖然無法提供如往常般的資源和現場即時處理，但不代表就無法協助員工。

Sue Poremba 在 Security Intelligence 刊載的文章中提到，「資訊安全培訓是 IT 部門工作內容之一，所以開設相關課程或許是一個選擇。員工可以藉由更頻繁的相關課程去暸解養成良好資安習慣的重要與迫切性，例如 SANS Institute 規劃了居家辦公的資安意識工具包，提供逐步的規劃來快速地提升資安觀念，並包含定義如何教導員工。另外需要特別注意的是，會與哪些部門配合以及如何與員工進行互動和溝通。最後這些為了遠端工作而設計的課程模組，也意味著資安團隊可以就目前的情況，規劃出更符合現況的員工訓練。」[2]

市場研究顧問公司 Canalys 對於新常態下的資安提供了以下結論：

對於新冠疫情的影響或是其他營運上的問題，企業組織必須快速制定相關策略來維持業務持續營運，這類的決策通常以犧牲資訊安全為代價，以營運與業務為優先，繞過公司長期以來的資安政策規範，如此一來，大大地增加了駭客攻擊的風險。另外，居家辦公後員工分別從不同的地點存取公司資訊，有別於以往企業的工作環境，加重了雲端資料的存取，也提高了可能面臨的風險。

面臨這樣的新常態需要新的資安措施。對於這些後疫情的資安問題，不知如何是好嗎？其實都可以透過 Puffin Secure Browser 解決，想知道更多細節請點擊連結。https://www.puffin.com/secure-browser/

延伸閱讀

[1] https://securityboulevard.com/2020/06/4-ways-to-keep-company-data-secure-during-wfh/

[2] https://securityintelligence.com/articles/how-working-from-home-changes-cybersecurity-awareness-training/

[3] https://www.zdnet.com/article/billions-of-records-have-been-hacked-already-make-cybersecurity-a-priority-of-risk-disaster-warns-analyst/

When news came that Google was being sued for tracking users of Incognito Mode, it came as a surprise for many, but not all. As one of the biggest tech behemoths and with the #1 search engine used by the majority of the world, it is not a surprise that they are also collecting information in secrecy. These actions have impacted millions of users since 2016; although Google is planning to discontinue cookies, its reputation has been tarnished.

As a result, other browser companies have stepped up their game to provide the safety and privacy that consumers are after. However…

Now that we are over a year into WFH, it is good to step back and analyze what has changed. Perhaps the biggest shift the world has seen over the last few decades is not only for the tech sector, but lifestyles overall. Work commute times are down to zero, parents can spend more time with their kids and pets, internet connection at home is now essential, and much more.

“Seemingly overnight, employees who’d formerly worked in offices began working from home, many relying on their own computing devices and makeshift network access methods, with IT departments scrambling to protect…

Remote Browser Isolation (or RBI) has become a hot topic, especially during the early stages of WFH due to COVID.

But What Is It Exactly, and Why Does It Matter?

Here is a scenario. Say an individual on their personal home computer opens a file from an email their colleague forwarded, and unaware that it had malicious content hiding within. Not only would their device be compromised, but if the spread is not contained, it can end up causing damage or loss to sensitive company data. …

為了響應同島一命的概念，CloudMosa 宣布將捐贈價值 100 萬美金的資安利器 Puffin Secure Browser 給所有台灣的企業使用者。

即日起，企業的 IT 管理人員均可申請免費使用 Puffin Secure Browser 商務版，提供給同仁免費安裝安全瀏覽器，讓家用或工作電腦都可以在上網瀏覽或存取 Email 時，不再擔心潛藏的資安危機。

新冠疫情肆虐全球，不知不覺已經過了一年半，帶走了許多寶貴的生命，也改變了許多我們原本生活的樣態。幸運的我們，過去一年多一直在台灣過著宛如桃花源般的生活，以致於我們很難體會其他國家的景況。

新冠疫情同時也改變了許多事，最近兩個月台灣疫情急轉直下，雖然在老天爺眷顧下，我們還是過著相對安穩的生活，但工作上，我們也改變了許多。因為學校關閉，很多人開始體會了在家輔導小孩上網學習的新生活，工作上，許多公司也為了保護員工健康，開始施行居家辦公（Work From Home）的制度。

然而，除了適應居家環境處理公事以外，隨之而來的是更大的挑戰！

你的企業網路不再是私人網路

首先要感到頭痛的是企業的 IT 管理人員。

居家辦公後，企業網路延伸到居家網路環境中，即使配備有工作用筆電的朋友，家裡的網路也不見得安全，造成 IT 人員疲於圍堵可能的入侵。更有不少的企業無法配備工作用筆電，使得員工必須使用家用電腦居家完成工作，這樣的潛在威脅更讓 IT 人員頭痛。

根據 Palo Alto Networks 所做的 2021 Unit 42 Ransomware Threat Report ，過去一年企業平均因勒索病毒威脅，損失達 20 萬 美金。

When the term “VPN” is mentioned, it is typically associated with individuals trying to access websites that would otherwise be blocked in their country, or for the super tech-savvy that have much experience in the privacy and security industry to know its benefits. According to Merriam-Webster, VPN stands for “virtual private network, a private computer network that functions over a public network (such as the Internet) and usually utilizes data encryption to provide secure access to something (such as an internal business server or private network).

How does a regular VPN differ from a corporate VPN? According to Dell Technologies…

There are good and bad habits we all have, created over time that become part of our routine. Due to COVID, new ways of working and WFH lifestyle were forced to be adopted around the world. With new environments that many companies have not had much if at all experience of, this results in insufficient preparation and training for employees as well. Instead of designated work computers, many if not most use their own devices to manage both work tasks as well as personal, which can lead to many issues.

Not everyone is in the tech sector, let alone in…

CloudMosa is excited to announce the release of Puffin 365.

You asked, we listened. All the apps you love from Puffin, now as a package. One subscription will cover multiple devices and platforms; Puffin Secure Browser, Puffin Web Browser, Puffin Smart TV, and more. No more worrying about managing various subscriptions like in the past.

Choose between a monthly or annual plan to access anytime, anywhere. Whether for personal use, family, business, or enterprise, there is a plan for everyone.

Head over to https://www.puffin.com/365/ to learn more.