I sat down with Chris Goettl, Sr. Director, Product Management and Phil Richards, VP and Chief Security Officer at Ivanti and we put on our IT security caps for episode four of the Ivanti Insights podcast as we looked ahead to the post pandemic world of security within the Everywhere Workplace. We have a lot to unpack in this episode so buckle up!

Let’s start out by asking ourselves what is the Everywhere Workplace? Over the past year, companies have transformed where and how they enable their employees to work. We’ve learned that people can be productive anywhere when given the right tools and security but it’s also not that simple. Threat actors have increased their activities by specifically targeting remote based workers.

I asked Phil, why? What are the reasons for increased cyberattacks specific to home-based workers? What do you think was Phil’s response?

The Comfort Zone Illusion

Chris pointed out that the tactics of these threat actors have not really changed much either. Hackers are great at one thing – taking advantage of the current situation. The security challenges remain the same from the struggles of vulnerability management to educating users on how to avoid getting hooked and reeled in from phishing attacks. These challenges existed pre-pandemic but now everything is off the network and has shifted to personal devices.

People are in their comfort zones, but so are cyber attackers and now we have some data to back that up.

Ivanti just released a report in February called the 2021 Secure Consumer Cyber Report. More than 2,000 people working from home were surveyed in both the United States and the United Kingdom to understand how their habits may have changed in this pandemic world. One surprising highlight, but is it really surprising, is that 25% of respondents admitted to using their work email or password to access consumer websites and apps like DoorDash, Amazon, and even dating apps. So, what’s the issue? When work emails and passwords are used on these types of sites, they become available for thieves to steal and those credentials are then compromised.

Do you know what all the cool kids in cybersecurity call it when your credentials have been stolen? It’s called being “Pwned.” Check out this website by a Microsoft researcher to find out if you have been Pwned.  

We then moved into an in-depth conversation about passwords. Listen to the full podcast episode and find out what Ivanti’s strategies are for user passwords, learn what Chris teaches his family at home about passwords, and is it possible to live in a world where passwords are no longer needed but we could make it so that environments are secure?

Find out all this and more in the full episode below.

Until next time, keep smiling

Adrian