Planning is Paramount
It is easy to get caught up in the hysteria of Coronavirus as is evident from the empty shelves at grocery stores. Because things are happening so fast, your window to preparation is short, yet it is imperative to properly plan out your remote work implementation and make sure you get it right. Don’t just send your users scrambling out the door with a laptop in hand and hope they act responsibly. Your users are leaving the security confines of the enterprise and will be working in unsecure environments. It is now the job of internal IT to protect users and their devices during this time of separation. It is also their job to quarantine any outbreaks of malicious code from the enterprise should any user devices become infected during this time.
Every user account that is allotted remote access opens up one more point of vulnerability. Verify that all of the necessary apps and resources are accessible from the outside
Training Briefs
If you are like many companies that have been putting off your broad based cybersecurity training for “someday,” well, “someday” is today. Consider sending out daily email reminders and short videos that teach employees how to detect and handle phishing and other forms of social engineering attacks. Users should be discouraged against connecting to public or open networks. Those working from home should be encouraged to create a separate network within their home to further isolate their data if they know how. Remind employees not to share their work devices with other people, including family and to now download any work files to their remote devices or personal storage unless authorized by their superiors.
Create Communication Outlets
Users are going to be alone out there. You need a way for them to easily reach out for security concerns and questions. Consider creating an easy to remember email such as security@companyname.com or cybersecurity@companyname.com that users can easily contact internal IT at all times. Be sure that IT personnel monitors this email during regular hours.
Coronavirus-related cyberthreats
Unfortunately there's been a huge spike in Coronavirus-related cyberthreats over the last few weeks. These attacks revolve around phishing and malware primarily and are very sophisticated. Users are leaving the security confines of the college/business and will be working in unsecure environments. It is now the job of internal IT to protect users and their devices during this time of separation.
Two of our technologies are key in this area and we have seen massive demand so far this year. Email security using SpamTitan protects students and staff from newest iterations of phishing attacks.
If this is combined with our AI driven DNS security product, WebTitan, you have an umbrella layer over all students and staff protecting their devices. The ability to roll these solutions out seamlessly to remote users is essential.
SpamTitan Cloud is a powerful email security solution that protects against the full range of email threats. SpamTitan has advanced threat detection capabilities to detect known and zero-day phishing, spear phishing, malware, botnet, and ransomware threats and ensure the threats never reach inboxes. SpamTitan Cloud also scans outbound email to detect spamming and malware distribution, as well as improving protection against insider threats through tags for sensitive data.
WebTitan Cloud is a DNS filtering solution that provides protection from web-based attacks for user working on and off the network. Being cloud based, there is no need to backhaul traffic to the office to apply filtering controls. Since the filter is DNS-based, clean, filtered internet access is provided with no latency. Controls can easily be applied to restrict access to certain types of websites to prevent cyberslacking and block cybersecurity threats and malware downloads.
Both of these solutions are easy to implement, require no local clients, and can be set up to protect your employees in minutes. They are also available on a free trial if you want to evaluate the solutions before committing to a purchase.
VPN
Most likely you will have your users connecting to the company’s network through VPN. Many companies have reserved VPN for support personnel so the number of VPN users has been negligible. Now that number will be dramatically expanded. Some things to consider:
Make sure you have a separate zone on your firewall for VPN that is secured by policies. Such policies should restrict the access of remote devices to designated areas. Make sure that all traffic flowing through this zone is scrubbed with the firewall’s AV engines and monitored by its internal ISP. For those laptops that are MDM enrolled, you can install a VPN client through the management portal. If not, install and test the client before your users leave.
Encrypt and protect all Data
Any machine leaving the secure perimeter of the enterprise must have encryption enabled on it the event of theft or loss of device. For Windows 10 devices running Pro, Enterprise and Education editions, this is easily done by enabling BitLocker. You can enable BitLocker through Group Policy while the device is still on prem or through MDM remotely. You may also consider a policy that forces users to use their assigned cloud storage as this is encrypted and more secure.
Enable or Expand MFA
If you haven’t turned on MFA yet, now is the time to do it. Most firewall VPN systems have integrated MFA capabilities. MFA should be enabled for cloud services such as Office 365. You should even consider MFA for web conferencing in order to prevent eaves dropping.
Email Security
Email has been the primary delivery method of choice for malware attacks and this will certainly not change. Because people are particularly vulnerable to phishing attacks during times of crisis and worry, phishing attacks concerning the coronavirus will undoubtedly surge. A cloud-based email security solution such as SpamTitan is the most effective way to protect your user inboxes, whether they are working on or off site. SpamTitan is an advanced email filtering solution that works seamlessly with Office 365 to improve spam detection rates and block more threats. SpamTitan uses predictive techniques to block new malware variants, spear phishing, and zero-day attacks to prevent these threats from being delivered to end users’ inboxes. Learn more about how to protect Office 365 from attack.
Coronavirus does not Exempt Compliancy
Remember that just because your computers have moved off-premise does not mean you are exempt from compliances such as HIPAA and GDPR. TitanHQ solutions allow you to balance maintaining security, compliance and HIPAA requirements. We develop web security solutions for healthcare institutions across the globe. You’re working with a team who understand key areas such as the need for robust security, handling of sensitive patient information and regulatory standards and laws.
Organizations that fall under compliance jurisdictions are still required to uphold minimum necessary measures when handling personal data of patients, customers and third parties. You may want to check the websites of your functional protection authorities of your country for updates and advice.
Finally, we at TitanHQ ask to you to remain security conscious and vigilant during this challenging period. Stay safe.