Stepping up security for safe home working
By Phil Smith
For many of us, the Covid-19 lockdown has been about adjusting to home working, but for cyber criminals our change in behaviour is an unprecedented opportunity where we are the potential victims. They have refocused their activity and are looking to profit from Covid-19 themed websites, fake news and scams.
Most enterprises will be ill-prepared for home working at the scale that’s been forced upon them and need to act rapidly to mitigate the security risks. There should be two priorities: the first is IT Managers and Chief Information Security Officers coming up with a security position that adapts the organisation appropriately to the crisis; the second is a campaign that alerts home-working employees to the threats and what they need to do to mitigate them.
Revisit existing policies
Organisations must urgently review their security policies and procedures and revisit their CIA triad model of Confidentiality, Integrity and Availability to make sure it aligns with the move to remote working. Some challenges are logistical and more easily achieved than might be imagined. With BT, for example, it only takes a few hours to upgrade an existing datacentre client’s 100Mb connections to 10GB, providing greater capacity to support a surge in home working and keeping it secure by delivering it over a VPN (Virtual Private Network).
End-to-end encryption along with identity and access management controls become more important if employees are working remotely, with secure channels into corporate systems determined by privilege levels. The idea is that your CFO will have access to sensitive financial data that will be out of bounds to others.
A well-executed SIEM (Security Information and Event Management) posture around endpoint security should ensure that remote users are protected. The challenge in the current crisis will be extending the control over ‘shadow IT’, not just the free Unified Communication packages people are downloading but the home computers they’re running them on. Security policies and procedures will need to encompass hardware that hasn’t previously been covered.
With such a fast-changing threat landscape, endpoint security and active threat intelligence feeds become even more important. If it’s not an automated process, push updates out to all endpoints, including laptops and mobile devices. Policies can be updated to reflect changes to traffic flow, and firewalls used to identify and block fake Covid-19 websites and blacklisted IP addresses.
Alert employees to the risks
The old security mantra about people being the weakest link is even more true when they are working from home and targeted by a surge in scams. In the past month, phishing campaigns have increased 37 percent and the number of newly registered websites related to Covid-19 has soared to over 4,000. Ostensibly providing protective kit and sanitizers, the real objective is to sell goods that never arrive or steal personal data that can be sold on the dark web.
All this illegal activity means home workers have to be even more wary and avoid clicking on adverts from websites or emails alluding to coronavirus or Covid-19. People have to be vigilant when it comes to online shopping, too. Only visit trusted URLs prefixed with ‘https’ (the ‘s’ stands for secure) and never click through to websites from adverts, even if it’s a trusted brand, because the advert may be a phishing campaign and the website fake.
As an aside, parents working from home will need to be more mindful of children at this time. Off school and bored, they may have more unsupervised internet access risking greater exposure to online gaming scams, predators in chat groups and the usual child-focussed threats. Parental control software is a good investment, managing what sites they can access as well as setting time limits on their activity.
As ever with security, being safe is as much about common sense as policies and procedures. While Covid-19 restrictions remain and access to the internet deepens in importance to the global economy, so does our security awareness.