The New normal working from home environment can present a great strain on infrastructure and a great opportunity for increased activity from cybercriminals. We must ensure that this crisis situation does not lead to digital (or cyber) disaster.  In this toolkit we share what we are seeing as the greatest challenges and solutions that can be implemented to ensure security posture is maintained while the system may be under stress.

covid-4948866_1920.jpg

The work paradigm has shifted...

More Endpoints to Protect

Each user’s home network is now part of the corporate attack surface and could be used as a vector to launch attacks.

Work from home adds complexity

Users are now being distracted by home issues and stress from the pandemic.  This can lead to users making “bad” decisions regarding phishing campaigns.

Higher use of “new” cloud services

Users could begin to “solve” their own challenges by leveraging cloud-based tools which are out of the control of the IT and security groups and could create risks to corporate assets

Increased Technical Support Issues

Increased complexity of troubleshooting technical issues as most users are not “tech-savvy” and their home network and technology support must be performed remotely.

Increased Video Conference Usage

Business users are now relying on video conference solutions to conduct business.  The demands on these services will become a constraint and potentially an availability risk.

Increased Issues with time management

Users are working different and shifted hours due to reduced commutes, homeschooling, etc.  This can require different staffing models for support and security monitoring.

Tools for IT and InfoSec Teams

Conference call management

Security Intel Monitoring

Telework Policies

User Training and Ongoing Communication

Partnering with the Business

Good Hygiene Practices

Performance Monitoring

End Point Protection

User Defense Strategies

Use MFA Everywhere

All personal accounts that support MFA should be using it, including personal accounts like Netflix, ITunes, Ring, Etc., and passwords should not be reused on any accounts.

Secure your Wifi

Home wifi routers should be configured to use WPA2 encryption and a strong password should be used for setup.

Limit Access to Devices

Work computers and devices should be restricted to only work activities and not used by other family members.

Be alert to attacks

Phishing scams and campaigns are prevalent right now.  All users need to be extra cautious of not opening and clicking on links and attachments.

Coordinate with IT

It is very important that users not just “find” new tools to perform work activities without checking with IT to understand the risks that may be created.