Social distancing is a term applied to certain actions that are taken by Public Health officials to stop or slow down the spread of a highly contagious disease such as COVID-19. Out of an abundance of caution and following the guidance of state and federal governments, many companies are practicing social distancing by encouraging or requiring employees to work from home. This action, although prudent, presents problems in the cybersecurity domain as workers move from a trusted and secured office network to a remote location, where in most cases only Internet connectivity and electric power are imperatives. This move extends a corporate network in ways that make it more difficult to secure and thus presenting an opportunity for cyber criminals to take advantage of the situation. In fact, cyber criminals are already using "Coronavirus" and “COVID-19” as subject lines for phishing scams - hoping to fool some unsuspecting worker into clicking on a link or opening an attachment that results in the installation of malware or unwittingly handing over usernames and passwords.
With that in mind, here are some tips to stay safe as you and your employees work from home:
- Avoid mixing work and leisure activities on the same device. Work activities should be confined to the work devices and personal activities such as Facebook, Instagram, etc. to personal devices. Commingling activities increases risk.
- Ensure your devices have anti-virus and that the virus definitions are kept up-to-date. New viruses and malicious sites will appear rapidly as this crisis continues, so be sure to update definitions regularly.
- Ensure your devices have the latest operating system and application updates. These almost always contain security enhancements.
- Use multi-layer security solutions like Netsurion’s EventTracker SIEM+EDR that can add an extra protection for laptops when they’re not connected to the office network. Utilizing a SIEM that is backed by a 24/7 SOC so it’s constantly monitored for threats will also relieve a challenge for in-house IT teams who are now constrained supporting many work-from-home (WFH) users.
- Ensure you home Wi-Fi is secured using strong Wi-Fi encryption such as WP2and a strong unique password for access; and by changing the Wi-Fi router admin password from the default.
- Remove bogus add-on's for browsers (often used for shopping) as they can steal data or download malware.
- Have a backup strategy and follow it. Even the best security plans can have holes, and users make mistakes. If a ransomware attack was to get through, your files could be gone in an instant. Make sure your backup plans cover all servers and workstations.
- If your office has set-up a virtual private network (VPN) to connect back to corporate servers, make sure the VPN client software is updated.
- Have a list of IT contacts that all of your employees know, and their work hours, to call in the event of an IT emergency. Better to find out about a possible breach when it happens, not the next morning.
- Lastly, and worthy of its own five bonus tips, be especially aware of potential phishing attacks:
- Be suspicious of any emails referencing the Coronavirus, even if they appear to come from a trusted source (friends, HR, government agency) as these could be phishing emails. Phishing scams try to create an impression of urgency in order to panic you into clicking on the link or opening the attachment, so beware.
- It’s generally fine to click on links when you’re on trusted sites but clicking on links that appear in random emails and instant messages isn’t wise. A phishing email may claim to be from a legitimate company and when you click the link to the website, it may look exactly like the real website however it is not. To be safe, hover over links before clicking on them and read the actual URL they are pointing to. Make sure the link is taking you to the sender’s site, or to another trust site – if you don’t recognize the URL it’s generally not a good idea to follow the link.
- Beware of emails that do not contain your name, especially if they are asking for information from you. Most phishing emails will start with “Dear Customer” so you should be alert when you come across these emails. When in doubt, go directly to the source rather than clicking a potentially dangerous link.
- Be especially wary of emails asking you to check or renew passwords and login credentials.
- Beware of unusual requests such as to send a wire transfer even from people you know. There have been many instances of phishing emails appearing to come from executives or other people within the company that are not legit. If it seems unusual (i.e. “I’ve been here for 3 years and have never received an email from the CEO, but I did today”) or out of character, call the requestor and ask if the email is real.
Following these tips will help keep your and your company’s data stay cyber-safe while working outside of the office during these trying times. Be vigilant.