The COVID-19 pandemic resulted in unprecedented changes to all aspects of our lives. As different states reopen, pause reopening, and roll back reopening, there is much uncertainty as to the path forward for businesses of various sizes. The chaos of the initial quarantine has given way to an uneasy limbo status for many organizations with workers who are shifting between working remotely and returning to the office.
During the last few months, the frantic change to remote work resulted in purchasing new hardware, software, networking equipment, and other solutions. Some organizations were able to repurpose existing equipment, but others embraced new BYOD policies. The rush to get everyone online and connected was focused on hasty implementation and not security.
Unfortunately, cyber threats did not pause during this time. As we continue to adjust, businesses should now focus on shoring up their cyber defenses with a renewed effort to address remote users and non-standardized configurations. Improving our cyber hygiene, if you will. There are a number of steps that can be taken to improve the security posture as we move towards this new normal.
Some of the most important considerations that may not have been fully reviewed as we hastily reestablished business practices include:
Remote users may be using personal computers and are most likely using personal internet connections with a consumer-grade router/access point. Regardless of vendor, these devices need regular updates. Advise remote users to enable automatic updates on their operating system and to regularly check for updates for their networking devices. Provide access to antimalware software and encourage its use. As part of your ongoing security awareness training, mention that users should review their devices and update as needed.
Slower internet connections and lack of user education may result in a large number of local files. Keep confidential and proprietary data in the cloud or on servers kept on premises, not on personal devices. Each place that data is kept increases the attack surface. Discourage users from maintaining files locally. This will reduce the chance of data loss due to theft or failed devices.
More remote access results in more opportunities for credential-based attacks. Remind users to practice good credential hygiene, especially not reusing passwords. Advise users not to save business-critical passwords in browsers and other places where they can easily be used by unauthorized parties. Encourage the use of password managers and strong passphrases. If possible, implement multi-factor authentication. This is available for most cloud services and can be enabled for many on-premises services as well.
Uncertainty and changing times provide more attack vectors for social engineering-based attacks. Remind users of the dangers of phishing and refresh their security awareness training by including updated information in company communications. More details and free resources can be found in the link at the bottom of this article.
The good news is that businesses do not have to face this threat alone. There are a number of resources available to address these concerns. The National Cyber Security Alliance (NCSA) has compiled a resource page with dozens of links to both government and commercial sites providing free guidance during this time.
NCSA has broken down the resource guide into sections on avoiding scams, remote working tips, and other assistance. This information will save your organization time and money as many of these tips can be easily implemented and there are available security awareness resources that can be freely used. This information can be found at staysafeonline.org/covid-19-security-resource-library.
Just like wearing a mask, practicing good cyber hygiene helps protect you and those around you. Keeping your users informed and your data secure will allow you to focus on continuing business operations during these challenging times.
Robert Jorgensen is Assistant Professor of Cybersecurity at Utah Valley University.