Responding to the unknown: Establishing a proactive cyber security strategy in an age of Coronavirus

As coronavirus continues to spread across the world, many businesses are neglecting to shore up their cybersecurity defences for their new remote workforce. With BYODs (bring your own devices) looking set to become ever more popular, criminals are looking to take advantage of vulnerable devices, networks and people. As such, business leaders need to ensure they are implementing a proactive cyber security strategy to maintain safety and security going forward.

1. Account security

Companies should ensure multi-factor authentication is enabled on all accounts, as this works by forming

an extra layer of security over any applications that your workers might need to use or access via their

electronic devices when working at home.

SMS-based two-factor authentication is suitable for low risk assets, involving one-time passwords sent by

SMS. However, there are still some vulnerabilities around SMS; passwords sent via SMS can be seen if

lock-screen notifications are enabled, and SIM cards can be removed and installed in another smartphone,

while password-bearing SMS messages can be intercepted by a Trojan inside a smartphone.

Authenticator apps are better if possible. These involve one-time codes being generated using a small and

usually very simple authenticator app. Authenticator apps don’t rely on a carrier; codes stay with the app

even if a hacker gains access to your number and switches it to a new phone, while the codes expire very

quickly, often after 30 seconds.

Password managers are also encouraged to support good password hygiene. These function by creating

and logging unique passwords for each login, which are collated in a safe space, with encryption used as

a further defence against cyber attack.

Even more robust are MFA products such as Okta and Duo, which can secure access to all business

accounts by authenticating all employees’, partners’ and customers’ identities, using an admin portal

to enforce MFA across an organisation with policies that impose contextual-based login challenges.

While these approaches can improve account security, your first line of defence is in applying the principle of least privilege and allowing specific people access only to things they need.  This reduces the number of individuals accessing sensitive data, and the risk of your security being compromised.

2. Endpoint security

If the laptops and computers your workers are using from home are not protected, malware and viruses can easily enter the system. As such, the devices your employees are using to carry out remote tasks need to be patched regularly. Patch management involves acquiring, testing and installing multiple patches, or code changes, on existing applications and software tools on a computer, so that systems can stay up to date on existing patches. These can fix problems with different versions of software and detect any lack of security features or other upgrades.

Anti-virus scans must also be run regularly to ensure that a computer’s security is up to date and newer threats cannot and have not penetrated your system’s defences. Setting security software to check for updates at least once a day is a good idea so that there is protection against new threats as they emerge. 


3. Phishing protection

Phishing is now the top social attack on businesses, responsible for more than 90% of security breaches. Since no cybersecurity can defend against 100% of all attacks, your workers need training to ensure they are aware of what to look out for and how to protect themselves from any such attacks. This reduces the likelihood of a worker opening a suspicious email or engaging in any other way with phishing scams or other cyber attacks.

Now is a crucial time to refresh awareness on the most common phishing techniques, and the internal procedures your business has in place for reporting suspicious emails. Make sure your staff are well-educated particularly about ways that cyber criminals are taking advantage of the ongoing coronavirus crisis.

4. Network security

Organisations also need to ensure adequate network security is in place to prevent and protect against unauthorised intrusion into corporate networks. Most cloud apps use TLS 1.2 or above (Transport Layer Security) so are secure. This is a widely adopted security protocol designed to facilitate privacy and data security for all communications via the internet, and often involves the encryption of communication between web applications and servers, like web browsers loading a web page, or for email, messaging and VOIP.

If you are enabling remote access to previously internal-only applications, you should use a VPN to provide robust network security, so that the appropriate encapsulation and authentication systems are able to protect your data. Suggest employees look to their own Wi-Fi security as well. Encourage workers to change router passwords away from default values, and to make management console passwords more secure. 

Business leaders should also look to apply best practice to any video or call conferencing being carried out to protect against unauthorised access. Workers must not advertise the meeting, and should apply a password, as well as logging all attendees present in the meeting at all times.

5. Give IT a break

IT teams are the most stretched at present, as they help businesses to adapt their IT processes to these new ways of working. Companies must therefore help them to maintain business as usual by ensuring they are not pressured to undermine security at any point. If your IT professionals are not prioritising a certain task, and providing you with appropriate reasoning for that, your staff must trust their expertise and remain patient. 


6. Be reasonable

Keep in mind that working from home dissolves the separation between work and personal lives to some degree, and that people may feel unable to switch off. Remember everyone is dealing with problems during this difficult time, and that typical ways of getting help and collaborating aren’t always going to work remotely. This time calls for more patience from everyone for one another if businesses are to maintain a feeling of togetherness and support each other towards a better future.

Business leaders can ensure their organisation remains safe during this shift to remote working by empowering their IT teams and putting in place effective security processes, technologies and training to ensure their team is in the best possible place to defend against threats.

By Laurie Graham, Director of Cyber Security at 6point6

Laurie Graham