Responding to the unknown: Establishing a proactive cyber security strategy in an age of Coronavirus
As coronavirus continues to spread across the world, many businesses are neglecting to shore up their cybersecurity defences for their new remote workforce. With BYODs (bring your own devices) looking set to become ever more popular, criminals are looking to take advantage of vulnerable devices, networks and people. As such, business leaders need to ensure they are implementing a proactive cyber security strategy to maintain safety and security going forward.
1. Account security
Companies should ensure multi-factor authentication is enabled on all accounts, as this works by forming
an extra layer of security over any applications that your workers might need to use or access via their
electronic devices when working at home.
SMS-based two-factor authentication is suitable for low risk assets, involving one-time passwords sent by
SMS. However, there are still some vulnerabilities around SMS; passwords sent via SMS can be seen if
lock-screen notifications are enabled, and SIM cards can be removed and installed in another smartphone,
while password-bearing SMS messages can be intercepted by a Trojan inside a smartphone.
Authenticator apps are better if possible. These involve one-time codes being generated using a small and
usually very simple authenticator app. Authenticator apps don’t rely on a carrier; codes stay with the app
even if a hacker gains access to your number and switches it to a new phone, while the codes expire very
quickly, often after 30 seconds.
Password managers are also encouraged to support good password hygiene. These function by creating
and logging unique passwords for each login, which are collated in a safe space, with encryption used as
a further defence against cyber attack.
Even more robust are MFA products such as Okta and Duo, which can secure access to all business
accounts by authenticating all employees’, partners’ and customers’ identities, using an admin portal
to enforce MFA across an organisation with policies that impose contextual-based login challenges.
While these approaches can improve account security, your first line of defence is in applying the principle of least privilege and allowing specific people access only to things they need. This reduces the number of individuals accessing sensitive data, and the risk of your security being compromised.
2. Endpoint security
If the laptops and computers your workers are using from home are not protected, malware and viruses can easily enter the system. As such, the devices your employees are using to carry out remote tasks need to be patched regularly. Patch management involves acquiring, testing and installing multiple patches, or code changes, on existing applications and software tools on a computer, so that systems can stay up to date on existing patches. These can fix problems with different versions of software and detect any lack of security features or other upgrades.
Anti-virus scans must also be run regularly to ensure that a computer’s security is up to date and newer threats cannot and have not penetrated your system’s defences. Setting security software to check for updates at least once a day is a good idea so that there is protection against new threats as they emerge.
3. Phishing protection
Phishing is now the top social attack on businesses, responsible for more than 90% of security breaches. Since no cybersecurity can defend against 100% of all attacks, your workers need training to ensure they are aware of what to look out for and how to protect themselves from any such attacks. This reduces the likelihood of a worker opening a suspicious email or engaging in any other way with phishing scams or other cyber attacks.
Now is a crucial time to refresh awareness on the most common phishing techniques, and the internal procedures your business has in place for reporting suspicious emails. Make sure your staff are well-educated particularly about ways that cyber criminals are taking advantage of the ongoing coronavirus crisis.
4. Network security
Organisations also need to ensure adequate network security is in place to prevent and protect against unauthorised intrusion into corporate networks. Most cloud apps use TLS 1.2 or above (Transport Layer Security) so are secure. This is a widely adopted security protocol designed to facilitate privacy and data security for all communications via the internet, and often involves the encryption of communication between web applications and servers, like web browsers loading a web page, or for email, messaging and VOIP.
If you are enabling remote access to previously internal-only applications, you should use a VPN to provide robust network security, so that the appropriate encapsulation and authentication systems are able to protect your data. Suggest employees look to their own Wi-Fi security as well. Encourage workers to change router passwords away from default values, and to make management console passwords more secure.
Business leaders should also look to apply best practice to any video or call conferencing being carried out to protect against unauthorised access. Workers must not advertise the meeting, and should apply a password, as well as logging all attendees present in the meeting at all times.
5. Give IT a break
IT teams are the most stretched at present, as they help businesses to adapt their IT processes to these new ways of working. Companies must therefore help them to maintain business as usual by ensuring they are not pressured to undermine security at any point. If your IT professionals are not prioritising a certain task, and providing you with appropriate reasoning for that, your staff must trust their expertise and remain patient.
6. Be reasonable
Keep in mind that working from home dissolves the separation between work and personal lives to some degree, and that people may feel unable to switch off. Remember everyone is dealing with problems during this difficult time, and that typical ways of getting help and collaborating aren’t always going to work remotely. This time calls for more patience from everyone for one another if businesses are to maintain a feeling of togetherness and support each other towards a better future.
Business leaders can ensure their organisation remains safe during this shift to remote working by empowering their IT teams and putting in place effective security processes, technologies and training to ensure their team is in the best possible place to defend against threats.
By Laurie Graham, Director of Cyber Security at 6point6