PSA: IT Security While Working Remotely

April 20, 2020 Scott Evangelist

The unprecedented COVID-19 pandemic represents a golden opportunity for malicious actors. The FBI, Electronic Frontier Foundation, and Krebs on Security all caution that attacks are on the rise. We’ve assembled some resources below to help you maintain your IT security, avoid these types of attacks, and safeguard your organization’s bottom line.

---

---

Best Practices

COVID-19 has forced many of us into a new way of life, both at home and at work. As the lines blur it’s more important than ever to maintain certain best practices when it comes to your IT security. 

• Virtual Private Networks. Beyond ensuring capacity for everyone, also be sure to monitor your network closely and keep VPN clients and firewalls up to date. 
  
• Home WiFi. Password protect your WiFi, hide the SSID from public view, and split the guest network off to a different SSID. Deploying firmware updates promptly is also essential.
  
• Antivirus. Ensure any workstation that has access to your corporate network has an antivirus tool installed and running.
  
• Patching. New vulnerabilities, often leveraged to infiltrate networks, are found daily. Staying on top of security updates is a critical baseline for securing your network.
  
• Multi-factor Authentication. Turn on multi-factor for every possible service and use it always. The added layer of access control is quickly becoming the norm across many SaaS offerings. 
  
• DNS-based Protection. Safeguard your users when they’re not on VPN by deploying a DNS-based tool like Cisco Umbrella. 

Policies & Procedures

Though most policy manuals couldn’t have accounted for COVID, certain policies and procedures have quickly become critical to ensuring business continuity. Providing written guidance on how to access cloud hosted resources from home, BYOD policies, VPN configuration and acceptable use, & backup best-practice enables your staff to rapidly transition and cuts your IT risk.  

• Prioritize. Acceptable Use, Asset Management, Backup, Password Policy, Telecommuting, Security Incident Response, Disaster Recovery, and BYOD/Mobile Device policies should be developed and rolled out as soon as possible. 
  
• Distribute and train. A policy binder printed years ago and stashed in a cubicle won’t help you now. Consider GRC software to digitally distribute policies and ensure continual awareness and training. 
  
• Review and audit. It’s not enough to write these policies. Take the next step by reviewing them annually, auditing compliance, and remediating issues found during audits. 

Social Engineering

Reports show a 600% increase in phishing attacks since February. This form of social engineering is designed to trick you and your already harried staff into a momentary lapse of judgement. Whether that means opening a malicious attachment or entering credentials on a convincingly fake Microsoft Office 365 login page, the intent is to infiltrate your network, deploy ransomware, or steal information/money.  The best defense to social engineering is education and awareness. 

• Be suspicious. Hover over links to determine the destination, review URLs carefully, and never open unexpected attachments. 
  
• Trust your gut. If an email looks ‘off’ it probably is. 
  
• Keep it confidential. Credit card numbers, passwords, & usernames should never be sent through email. 
  
• Test, educate, & repeat. Employ phishing simulation to raise awareness, educate on incident handling, and hold users accountable. 

Securing Zoom

Recent disclosures have brought certain Zoom Meetings vulnerabilities to light. Zoombombing, not so end-to-end encryption, and unwanted data sharing just to name a few. Some steps to take to secure your Zoom Meetings include:

•   Ensure meeting passwords are required, including dial-ins.
•   Enable the Waiting Room feature and disable Join Before Host.
•   Implement Single Sign-On (SSO) and password complexity requirements.