Cybercriminals have been exceptionally busy during this COVID-19 crisis, and the number of cyber incidents has increased dramatically. The World Health Organization (WHO) alone has reported a five-fold increase in attacks against their staff, with about 450 actives WHO email addresses leaked online. IT specialists are working hard to provide technical support and cyber hygiene advice to fellow employees working from home, but they shouldn’t forget to follow their safety advice.
After all, being an IT professional doesn’t guarantee immunity from a determined cyberattack, not by a long shot. There is always going to be a hacker that is better prepared, equipped, and experienced to circumvent your defenses. If you work in IT, you’re also going to need protection from identity theft, phishing, account takeover, DDoS attacks, and other nasty things. Here are a few practical tips on practicing proper IT-level cyber hygiene while managing other users remotely.
Maintain an up-to-date inventory of all company assets that’s on the network, including software and hardware. This first step can be challenging because these assets are always going to be in flux. There will always be new devices to be added, retiring machines, virtual machine migration, and employees installing or updating unapproved or illegal software. Accurate asset tracking can help you manage cyber hygiene compliance and mitigate the risks of a cyber attack.
The use of weak, default, and re-used passwords are rampant in almost all businesses. What’s worse are instances where employees write their passwords on a piece of paper and leave it out in the open. Even strict password policies can’t address the issue of password reuse, especially on private accounts and other platforms IT teams have no control over. Educate everyone on using strong password strings and to never use the same password twice.
Ensure that everyone working remotely has a robust and tested VPN installed on their system because they will be accessing the corporate network and confidential resources. Mobilizing to VPN can be a challenge, especially when educating employees on how to use one if they haven’t before. Give senior partners, management, and top-level employees priority because they are high-value targets for spear phishing. If their email or data gets compromised, the impact on the company will be more significant. After VPN deployment, ensure that you can check if everyone is using it to secure their connections.
Prioritize the patching of critical business assets first before addressing the rest of the remote organization. Since everyone is working from home, the highest targets will be directors, managers, and officers, so patch their systems for vulnerabilities before patching the computer of the staff from sales.
It’s crucial to be able to identify users trying to access the corporate network and sensitive files. Establish a strong user identity by using an Identity and Access Management (IAM) tool and a password manager for better authentication and security.
Your extended perimeter includes default passwords still in use, port exposure, broken certificates, and security configuration problems. An attack or breach generally starts when vulnerable systems on the extended perimeter get compromised due to a weak password, unpatched software, or an employee targeted for phishing. Some cybercriminals have even used zero-day exploits to establish the initial breach. Make sure to check your extended perimeter at all times.
Ensure endpoint Security among all remote staff because of the sheer number of phishing scams and malicious websites popping up due to the COVID-19 pandemic. Help other remote workers by rolling out robust controls for endpoint security so they can avoid becoming a victim of these scams. Make sure to verify that endpoint protection remains consistent among remote staff. Departments with more critical assets should be given more extensive endpoint security controls.
#security #cybersecurity #cyber attacks #covid 19 #identity theft #remote worker #pandemic