Staying cyber safe whilst working from home during Covid-19
27 March 2020
Thousands of people are now working from home for the first time due to the coronavirus outbreak and with this comes some security challenges and risks for businesses.
Companies need to keep their employees, devices, and infrastructure safe from cyber threats which is more difficult with staff working remotely and many were not prepared for this sudden change.
Senseon, Cyber Security Experts, released a great article outlining the measures that can be taken to ensure company’s have the best defences in place during these uncertain times.
Take a look at the checklist below or find out more at Source: Mollie Payne March 13, 2020 www.senseon.io/blog/covid-19-top-security-tips-to-keep-your-team-safe-whilst-working-from-home
It should go without saying, but enforcing the use of strong passwords are the most basic steps to protecting devices and data. This is especially true when devices are leaving your place of work.
Secure physical assets
With limited or no on-site presence it is important to make sure devices are secured to protect them from both theft and tampering. Workstations, for example, that are no longer in use should be encrypted by default and powered down. Where possible lock devices away rather than leaving them on desks.
An empty office could also provide an opportunity to arrange a deep-clean of desks, shared spaces and germ-catching keyboards.
Consider updating your BYOD policies
For individuals without laptops, you may have to relax your BYOD policy to include the use of personal devices to enable staff to work remotely. This of course comes with risks as personal devices generally have poorer security measures than corporate devices. Where possible, encourage the steps in this guide are implemented to keep your organisation’s data secure.
In the event of your organisation introducing working from home measures, it is likely that they will also have introduced a contingency plan that may outline how they intend to deal with potential challenges. For organisations with physical hardware, such as on-premise servers, critical skill sets may be required to provide support or maintenance. Having dedicated members responsible for specific locations to ensure that critical staff responsible for operations stay separated ensures that 50% capacity is retained should one group have to self-isolate.
Communication and training
For many, the transition to working from home will be disruptive for both employees and the IT and security team. The transition could come with its own distractions which could lead to staff not following general guidelines or company security policy. Sending a message to your team to remind them of security policies may go some way in making them think twice before installing that browser plugin or clicking a malicious link.
Secure collaboration tools, such as Slack and Zoom are convenient and secure ways for teams to communicate. Where possible ensure collaboration tools offer end-to-end encryption and store data privately.
Use a trusted VPN
Many organisations will have a virtual private network (VPN) for its traveling workforce or for devices that leave the corporate network.
Organisations with VPN capabilities already in place may wish to review whether they can support the increase in data consumption that mass working from home would bring. Otherwise, they could risk very slow connections or a loss of connection entirely which could impact the performance of your workforce.
For organisations without a VPN in place, there are plenty of trusted open-source options available but you will need to consider the hardware and setup implications involved.
Encourage staff not to install their own VPN software. There are many examples of malware masquerading as free VPN software.
Remind travelling staff to check local laws as VPNs are illegal in some countries.
Avoid public WiFi
Public WiFi should be discouraged on any corporate device without a VPN in place and active. Alternatively, staff may wish to tether to a mobile device with a 4G or 5G connection. Whilst this is far more secure than public WiFi you may wish to consider the cost to the business in data and roaming charges.
Ensure anti-virus software is up-to-date
Anti-virus can only detect threats based on previously seen attacks. Make sure all devices leaving the office have anti-virus installed or where already in place that they are updated.
Make sure devices and operating systems are up-to-date
Updates to operating systems can fix vulnerabilities that can be exploited. Make sure all devices are updated.
Encrypt hard drives
An often overlooked consideration, devices carrying sensitive information outside of the corporate network should have encrypted disks. Workstations remaining in the office unattended should also have their disks encrypted.
Ensure that staff know how to report suspicious activity
Attackers and scammers have been known to exploit heightened emotions and panic. With staff outside of their regular routine and normal company communications impacted it is important they stay vigilant. Remind staff how to report suspicious activity, such as suspected phishing campaigns, and praise individuals who do.
Dealing with unusual behaviour alerts
IT and security teams may feel the burden caused by tools that rely on unusual behaviour or basic anomaly detections during this time. Such tools tend to over-alert because they cannot understand the difference between unusual and malicious behaviour. Unfortunately, people and devices frequently behave strangely, making understanding unusual versus malicious very difficult.
This problem could be exacerbated by hundreds of devices suddenly in use from new locations and at unusual times of the day.
Where possible, analysts or IT teams may wish to configure their systems to suppress alerts directly caused by large amounts of employees working from home. Caution should always be taken when suppressing alerts as important behaviour or genuine threats could get filtered out.