With the sudden increase in remote working arrangements, many businesses are now conducting the majority of their operations outside the safety of their corporate IT infrastructure.
With this lowering of defenses, experts have started seeing a rapid increase in cyberattacks using customized terms related to the epidemic (e.g., “COVID-19”, “COV-2”, and “coronavirus”). Bad actors combine these terms with emotion, alleged expertise, and false urgency to pose as reputable groups such as the World Health Organization (WHO), the Center for Disease Control (CDC), and local, state and federal governments. Targets of these scams are then tricked into giving up access or information, or into installing malicious software.
It’s well known that in times of crisis, human judgement can be degraded, making users as targeted and vulnerable as ever. With the most critical aspects of security functionality now being fully absorbed by laptops and consumer-grade home network equipment, we recommend that organizations revisit their information-security priorities with the considerations below in mind.
Your employees are the most vulnerable part of your business, and they are going to face an increasing number of targeted threats while working remotely.
Do your users receive regular cybersecurity education and testing to stay ahead of targeted phishing campaigns and scams related to COVID-19?
Do users have the appropriate network equipment at their home offices to avoid the use of less secure public alternatives?
Do you have monitoring tools in place to scan company fileshares for suspicious user behavior?
Are users trained to save files to the cloud to avoid data loss?
Are workstations backing up critical data to the cloud?
Remote Access Security
Having secure and convenient systems for accessing company resources remotely is arguably the most important concern for any work-from-home arrangement.
Are your externally accessed systems protected by Single Sign-On, like OneLogin, to enforce multi-factor authentication across all key services and prevent bad actors from gaining access?
Are any of your resources hosted at your office or another site with low redundancy? What would happen if your office lost power or internet and no one was there to troubleshoot?
Can your infrastructure, such as your office firewall or VPN appliance, handle the load from increased remote access?
Are you leveraging enterprise-grade cloud filesharing tools, like Egnyte, that are built to handle the high load?
Do users have appropriate home networking equipment that includes a firewall and proper wireless encryption?
Your organization’s devices will be more exposed to physical security risks when accessed outside of your office.
Do you have a central device management tool like Jamf or Intune to ensure workstation logins have a strong password policy?
Do you have automated centralized deployment of the latest security updates and patches to all workstations?
Are antivirus programs installed globally through a central device management system?
Does your IT team leverage DNS filtering software, like Cisco Umbrella, to block malicious domains associated with threats or targeted COVID-19 scams?
Do all your workstations have drive encryption enforced through a central device management system to secure them in case of theft?
Can users force the encryption of their network traffic via VPN?
Taking action to address the above concerns is critical to preventing an already difficult circumstance from evolving into a security breach. For Kinetix clients, your Client Success Manager can discuss where your business stands with any of these recommendations.