Remote work setup is a security nightmare for many organizations but with the current situation brought about by the effects of the pandemic, it can’t be helped.
According to security experts from Fujitsu, accessing data outside the office or beyond a secure network perimeter opens unprecedented “attack surfaces” for cybercriminals. It also creates additional security vulnerability for organizations.
How then can businesses ensure cybersecurity resiliency? To help in tackling these threats, Fujitsu has put together these following imperatives:
Regular patching is important. For most IT leaders, applying security patches to software is something that must be highly governed to prevent it from affecting the IT operations negatively. This mindset, however, causes companies to fall behind in patch management routines, which increases their attack surface.
It is expected that attackers will continue to aggressively try exploiting the changes in working practices amid the current health crisis. Businesses, thus, are advised to patch frequently and manage eventual outcomes rather than waiting for months to patch perfectly.
Learn how to spot COVID-19 phishing e-mails. Cyberattack cases, related to COVID-19, are seen to rise in the Philippines over the last couple of months. Recently, the government warns the public about the growing number of online fraudsters, exploiting people’s fear and using the pandemic to lure their victims into clicking phishing e-mails and installing malware capable of stealing private and sensitive data.
Fujitsu’s security experts say that the growing volume of these pandemic related emails from both internal and external sources target Office 365 users as part of widespread phishing campaigns. Once hackers successfully accessed an account, they also get access to many other Microsoft tools, such as OneDrive and Skype. Hackers can then hijack conversation threads, other sensitive data, and use them to misdirect financial transactions, among others.
It pays to ensure that all employees have a better understanding of how internal COVID-19 communications look like and who the senders are. They should also be reminded to be cautious in accessing unsolicited external e-mails, claiming to be about updates, advice, among others, on the current health crisis.
Be extra vigilant around C-Suite e-mail accounts. For many attackers, having access to the e-mail accounts of senior and C-level executives is like a trophy. By assuming the identity of these executives through their compromised accounts, these cybercriminals can now easily attack other internal and external users. Employees and customers naturally trust the links and attachments in the e-mails sent by senior executives.
Users must be trained on how to spot e-mails from colleagues and seniors that do not seem right—from the tone, grammar, to the obvious and underlying risks, among other details. Everyone in the organization must know how to detect and report potential phishing attempts. The total coverage across the organization will go a long way in eradicating this form of social engineering.
Targeted Security will be required. As the current working practices change drastically, corporate networks now have distributed users and remote workers using their own devices, such as smartphones, more than ever before. Thus, it is critical to ensure that security monitoring systems and processes can quickly identify network anomalies and signs of compromise.
Organizations must take a risk-based approach to prioritize assets, users, and systems, which present the highest risk to ensure that they are monitored appropriately. For instance, due to global responses, such as lockdowns and community quarantines, vendors that operate brick and mortar stores are moving or relying on e-commerce. Collaboration tools, on the other hand, will most likely have taken on greater importance for day-to-day operations.
Make cybersecurity education a critical element of secure remote working. When working from home, users are most likely to visit dubious sites and click on links that they would not have in an office environment. At a time when attackers are actively exploiting remote working vulnerabilities, organizations must ensure that employees do their part in keeping the enterprise secure.
To support their employees, organizations must share best practices, provide workers with consistent security awareness training, focused on working from home, and allow workers to report incidents on time.
Ensure reliable and secure network access. In a remote working setup, keeping a reliable and secure network is critical since users need to have access to resources that they need to do their tasks. It will also help prevent unauthorized users and devices from gaining access to the network resource.
Companies must keep an eye on the use of shadow IT. It also pays to promote the use of approved tools, messaging, devices, and applications — like secure file-transfer and document management tools. Users, on the other hand, must be aware of their responsibilities when using corporate devices and networks by making them well-informed about relevant policies, as well as well-guided on which tools and applications are acceptable.
Redefine trust for people in the organization. Before the pandemic, any device inside a secure network can be trusted and, those that are outside cannot. Organizations must start rethinking this concept, especially that secure remote access has become critical to effective operations.
Organizations must keep their operations and customers secure by giving their people the trust they need to work remotely by implementing the “Zero Trust” model for devices. This approach means that the access to business systems should be granted when a trusted person with the correct identity and credentials requests it and, not when a device, which just happens to be in the right place, makes the same request.
Consider the physical elements of cybersecurity. Many enterprises provide workspace equipment for remote workers to ensure their compliance with health and safety policies. This time, it will be best to add security equipment to the provided kit. For instance, consider including privacy black-out filter screens to help ensure that the data is not compromised. It also pays to enforce session time-out measures for sensitive applications to ensure systems cannot be compromised when employees forget to lock their systems. These precautions are important, particularly in cases where employees reside in shared accommodation.
Collaborate with peers for the greater good. Lastly, the unprecedented challenges amid the current health crisis urge all organizations to create new security strategies and formulate responses rapidly with limited information. Since everyone faces the same challenges, it will be beneficial to collaborate and share cybersecurity challenges, best practices, and lessons learned with peers.
Drawing on external sources of intelligence and inspiration will accelerate the development of an efficient strategy. It will also help ensure resilience throughout the entire supply chain, as well as the industry.