Ervin Daniels, March 8, 2021
As COVID-19 (coronavirus) precautions take effect, many organizations, students, and individual users are working from home. This shift translates into an increased load of both personal and corporate network traffic. Cybercriminals are increasingly looking for ways to capitalize on the COVID-19-inspired dual track of personal and corporate information and to exploit vulnerable devices exposed on the internet. Hackers who specialize in phishing and spam are looking to take advantage of individuals seeking information about COVID-19. Security teams must be prepared to address the increase in malicious activity.
As organizations manage an influx of newly connected remote devices, they may lack the resources or the basic telework security practices to protect those devices from cybersecurity threats. Organizations that issue approved corporate-owned devices may have the appropriate security measures. Still, as more of the workforce shifts to work-from-home, those same security measures afforded by the corporate network may be reduced significantly for non-approved devices. The attack surface for remote users is becoming more of a challenge for organizations.
What are the security risks?
Hackers are still on the same job, looking to steal sensitive data. Hackers use numerous ways to compromise a system and steal information, but the most common attack vector remains phishing scams. These are fraudulent attempts to steal information such as usernames and passwords in order to gain unauthorized access for data theft. Once hackers gain access to networks, applications, and data, it’s game over! More now than ever, organizations must be aware of risk and reduce it.
Most employees are now routinely accessing corporate data over the internet from mobile devices (e.g., laptops, remote desktops, smartphones, tablets, wearables) along with their home computing equipment, which widens the attack surface and increases the risk of data loss. Organizations are concerned with data confidentiality and protecting their data. With the recent increase of data breaches in the news, it is clear that security breaches can cause significant financial losses and affect an organization’s reputation, so it’s essential to implement security measures to prevent security incidents.
The most common attacks are social engineering tactics such as spam and phishing that entice users to act on urgent requests. These attacks trick users into clicking on a fraudulent link (in an email, on a website, in a text message, etc.) and disclosing sensitive information such as usernames, passwords, and credit card information. This common tactic is also very effective at spreading malware. Cybercriminals are targeting individuals with bogus “Coronavirus” spam campaigns. Work-from-home workers should be conscientious and suspicious of fraudulent activity.
Security Best Practices:
We can take measurable steps to help reduce risk by being aware of threats and taking steps to improve security. Here’s a quick summary of a security strategy.
Connect to a secure network.
Do not use free public Wi-Fi to access work accounts. Attackers can spoof wireless network connections and lie in wait for victims. Public Wi-Fi networks do not protect you from the attacker. It is relatively easy for hackers to spin up a fictitious wireless network and lure victims into connecting; this increases risk. Use a company-issued virtual private network (VPN) to access work accounts, or turn on the Wi-Fi hotspot on your mobile device.
Don’t trust unsolicited links and attachments in an email.
Please be suspicious of links and attachments in your email. Verify connections and, if necessary, go directly to a reputable website to access the content. Most importantly, never give out personal or sensitive information based on an email and don’t click on attachments; those attachments could be embedded with malware. Organizations can implement anti-malware/anti-virus software to monitor and detect malicious links, and implement host-based or network intrusion detection controls for additional protection. The best approach for organizations is to provide organization-wide security awareness training to employees to help reduce risk.
Secure login credentials.
Accessing multiple systems and remembering multiple passwords can be a challenge; however, don’t create simple passwords for access. Create complex or unique passphrases so that attackers have a more difficult time cracking passwords. Organizations can reduce this risk by enforcing password management policies that are in line with corporate security policies. Furthermore, user accounts can be enhanced with multi-factor authentication (MFA) and Single Sign-On (SSO) solutions.
Manage and control privileged account access.
If an attacker obtains the keys to the kingdom, it’s game over. If a phishing attack is successful and the stolen credentials have privileged access, the hacker could access critical system applications and data. Set up regular user accounts using the principle of least privilege. Limit user access rights to the bare minimum. If user accounts require full administrative rights, manage and control those accounts using a privileged access management (PAM) solution and monitor activity.
Keep applications and operating systems current with updated patches.
Follow the vendor guidelines for running the most up-to-date versions of the software. Updates, patches, and hot-fixes include essential changes that improve the performance and security of your devices.
This is not a comprehensive list of best practices, but it’s an excellent start for addressing common security gaps if you’re experiencing some of these security challenges.
Please leave your thoughts in the comments section and let me know what you’re doing to protect yourself.
Written by: Ervin Daniels
Cybersecurity Architect with over 25 years of Technology and Security leadership and hands-on experience across various industries (retail, public, financial services, and technology).
©2020 Ervin Daniels. Designed By Tru Brand Media Disclaimer: Opinions expressed are solely my own and do not express the views or opinions of IBM.