The coronavirus (COVID-19) outbreak has officially been categorized by the World Health Organization (WHO) as a pandemic. What this means for the world is that the infection is spreading at an accelerated rate, globally. Canada has closed its borders, and the province of Ontario has declared a state of emergency. What this means for many businesses is that they are opting their staff to adopt a work-from-home policy; but we have to ensure remote worker security.
While a majority of large-scale organizations may have the infrastructure, security policies and hardware in place to support remote workers, for smaller business models, the situation is likely much different. Remote working is likely limited to a select few, with a heavy reliance on emails. The education sector provides a good example of this; where colleges and universities have had the option for remote course work for many years now, elementary schools are heavily dependent on on-site attendance in order to operate at any capacity. A high school cannot really operate without student attendance. Virtual conferencing and network access would be an absolute minimal requirement.
Minimum Remote Worker Requirements:
Computer
Stable, Efficient Internet Connection
Conferencing Applications, such as Slack, Same-time, or Google Chat
Phone – Cellphone or home phone
Quiet Space to Conduct Work
It should be understood that remote workers present a special case where security is concerned. Employees will be exposing company devices to greater risk as they leave the relative safety of the office environment. Devices utilized in the WFH environment need to be protected against loss and theft by the utilization of options including:
Strong Password Policies: Enforce passwords on Startup. Set Inactivity timeouts and warn employees of public display of passwords. (I.E. Post It Notes, etc)
Log Out!: When a device is not in use, either in the home or a public place (library, coffee shop etc), the device should be locked to avoid providing someone else access to the device while unattended.
While Not in Use, Hide it!: A company device should never be left unattended when not in use. If travelling, leave the device in the truck.
Two-Factor Authentication: Where possible, Two-Factor Authentication is encouraged as an additional layer of security.
Full-disk Encryption: This will ensure that even if a device falls into the hands of a malicious party, company data is not accessible.
Breaking News:
Forbes Magazine reports 2500 (Cyber) attacks in less than a day, stating a number of coronavirus themed attacked spiked significantly on Monday, March 16. In days prior, the number of infections was sitting in the double digits. An example of one phishing email was provided to demonstrate the content of such attempts. They are often praying on the fear and insecurity of the user, promising harm reduction information and vaccines.
Forbes
In previous Packetlabs blog posts, particularly Business Email Compromise and Coronavirus Email Scam, we have explored the idea of employees as the weakest link and highlighted the importance of awareness training in the success of any security program. When employees are moved from the relative security of the office, to the more casual remote setting of the home office, employees may well be more likely to click on suspicious links and emails, especially if there are no managers or fellow colleagues who may discourage such behaviour.
At this stage of the game, an awareness refresher may be in good order. Hackers are always on the lookout to exploit the human element, and, unfortunately, the COVID-19 pandemic presents an opportunity most cybercriminals would not dare pass up.
In response to such a threat, it would be advisable that all businesses consider a training requirement prior to moving to the work-from-home model. While an in-person training regimen often produces the best results, some alternatives might include a video conference option, or at the very least, a guide or some kind for all employees to review from their home. If nothing more, this can limit the exposure that some organizations are faced with in the wake of this crisis.
While this model of training should really be a pre-requisite to remote work, given the current circumstances, completion soon thereafter may be the only option. Consider your organizations options, and adopt the best working model.
With the obvious urgency to provide remote access, it is important that cybersecurity is not sacrificed. Any organizations ability to support users remotely is going to be completely essential to ensuring smooth, secure operations, especially if users become quarantined during this sensitive time. Those working from home will need to have clear instructions and protocols in place for IT support for either access or, heaven forbid, any unusual issues that may be the result of a security breach.
It is important for an organization understands that it can be a challenge to adjust to working remotely effectively, with such little preparation, so appropriate guidance and assistance is going to be absolutely crucial.
October 24 - Blog
Packetlabs is thrilled to have been a part of SecTor 2024. Learn more about our top takeaway's from this year's Black Hat event.
September 27 - Blog
InfoStealer malware plays a key role in many cyber attacks, enabling extortion and lateral movement via stolen credentials. Learn the fundamentals about InfoStealers in this article.
September 26 - Blog
Blackwood APT uses AiTM attacks that are set to target software updates. Is your organization prepared? Learn more in today's blog.