With Coronavirus Pandemic affecting our lives, more and more Companies are adopting Work-from-Home Policies. The age of remote work is upon us and most of us have settled into a routine of working from home. But at the same time, Cybersecurity has become a growing issue. Cybercriminals are seeking every opportunity to exploit Coronavirus and target companies and individuals. They are using COVID-19 themed phishing emails that intend on delivering official information on the virus in order to lure users to click malicious links that download Remote Administration Tools (RATs) on their devices. There have been many reported cases of malicious COVID 19 related Android applications, where cybercriminals have accessed smartphone data or encrypted devices for ransom. Additionally, the pandemic has resulted in the creation of more than a lakh new COVID-19 web domain, which should be treated with suspicion, however not all of them may be malicious. Cyber attackers have been taking advantage of the fact that not many people working from home have applied the same security on their networks that would have been in place in a corporate environment otherwise. They are looking for gaps where enterprises have not deployed the right technologies or corporate security policies to secure all corporate-owned or managed devices with the same security protections, regardless of whether they are connected to an enterprise network or an open home Wi-Fi network. Therefore, it is the responsibility of both employees and business leaders to secure their Organization and make sure that cyberattacks do not further compound the already disrupted work environment.
How Businesses should respond?In this critical time of the pandemic, business leaders must set clear expectations about how their Organizations should empower their employees, leverage new policies and technologies, and manage security risk in the new work environments. It is crucial that these messages on security come from the very top management and good examples are set from the beginning. Here are three recommendations for businesses to respond.
- Understanding the threats: With more and more employees working from home, business leaders should work with their security teams to identify the possibility of attack vectors. They should prioritize the protection of their business-critical applications and the most sensitive information.
- Encouraging communication & providing clear guidance: Right now, it is crucial that employees are clear about the home-working policies that include easy-to-follow steps that empower people to make their home-working environment as secure as possible. Employees should also know how to communicate with internal security teams regarding any suspicious activities.
- Providing right security capabilities: All the corporate-owned or managed devices should be equipped with essential security capabilities. This will help extend the same network security best practices that exist within the Organization to all remote environments. The critical capabilities may include:
- The ability to securely connect users to their business-critical cloud and on-premise applications. For instance, video teleconferencing applications that are increasingly relevant for remote work environments.
- Multi-Factor Authentication (MFA) should become a regular practice.
- The Organization should be able to block exploits, malware, and command-and-control (C2) traffic using real-time, automated threat intelligence.
- There should be endpoint protection on all mobiles and laptops, including VPN tools with encryption.
- The enterprise should be able to filter malicious domain URLs and perform DNS sink-holing to thwart common phishing attacks.
How Employees should respond?Employees should be encouraged to follow the guidelines provided to them by the Organization and take preventative measures.
- Good Password Hygiene: Employees should use complex passwords and multifactor authentication wherever possible. They should keep changing these passwords frequently.
- Updated Software & Systems: Updates and patches should be installed in a timely manner. This must include installs on mobile devices and other non-corporate devices that are used for work.
- Secured Wi-Fi Access Point: Users should change the default settings and passwords so that the potential impact of an attack on the work via other connected devices can be reduced.
- Using Virtual Private Network (VPN): VPNs create trusted connections between employees and Organizations. It ensures ongoing access to corporate tools and provides additional protection against phishing and malware attacks, similar to corporate firewalls.
- Personal & Work Shouldn’t Be Mixed: Employees should keep their work devices and personal devices separate. If they wouldn’t install or use a service while they are at office, they should not do it while at home on the work device.