WFH: Proactively Addressing Cybersecurity Challenges

These are difficult times for everyone, trying to understand how to work with many, if not all, employees working remotely from home. Entire families are distanced from each other, while others are sharing more togetherness time than they have had in years. Beyond the disruption of adjusting to this way of working, there is the need to pay extra attention to cybersecurity.

Cybercriminals are taking advantage of overworked IT and security teams, lax security protocols on personal devices being used to work from home, and fear. They are exploiting the coronavirus situation to attack vulnerable organizations and individuals at a time when SOCs aren’t being staffed by their regular teams.

Rick Grinnell, Founder and Managing Partner has collaborated with portfolio executives, Protect Council members, and the extended Glasswing community of security experts to develop best practices for protecting companies in the current environment.

Here’s What Organizations Should Be Doing

Because of coronavirus, we are seeing greatly enhanced attacks, particularly targeting unsuspecting consumers, many of whom are your remote workers. So how can you address the increase in cyberthreats when the majority of your workforce is logging in remotely? Here are some tips:

• Everybody has to pull together. Yes, there are security teams who oversee your regular operations, but security should always be a team effort. That is especially true now when individuals need to step up their personal security posture as they work from home.
• As home workers may need to use personal devices for work, it is critical that these home machines are protected by endpoint security, as would be typical with managed IT assets. Most organizations will have vendors they already use and recommend for their devices. For those looking for an easy but sophisticated consumer-focused solution, Cylance offers a powerful home edition.
• Determine if your network can handle the increased number of VPNs and remote desktop systems. Definitely leverage VPNs as much as possible, but if that is not possible for everyone, determine what other secure connection options are available. Without an enterprise solution, applications like TunnelBear will improve security.
• Do not trust anything until you verify the source, and that includes maps, ads, apps on mobile devices, or browser plugin downloads. Enable 2FA (Two Factor Authentication) for all of your applications and log-ins. Most applications and web services (banks, brokerage accounts, etc.) have this feature.
• Use encryption for sensitive communications and document sharing. Consider deploying solutions from vendors like Virtru or Mimecast. Encourage better password management. Usernames and passwords are even easier to steal now, so this is the time to rethink those processes. Password managers like LastPass or Duo Security are good options.
• Understand your industry’s compliance and data privacy regulations surrounding remote work. Things like HIPAA, GDPR, and CCPA are still in effect, even if everyone is working differently.
• Security training is more essential than ever. Continue whatever routines would be followed in office, and have security and IT teams send out regular reminders on how to identify phishing scams and fake websites. If not already used, email-based malware and phishing detection services from Mimecast or Proofpoint should be quickly deployed. Fake websites used for phishing and credential harvesting can be discovered and mitigated by solutions from Allure Security.
• Be prepared for changes in employee behaviors and address these proactively. This is not to say that your employees are suddenly going to go rogue and be malicious insiders, but they may be printing out more sensitive documents than usual, saving confidential data on insecure home machines, or not logging off work sites before someone else uses the computer. Leadership should present guidelines on how to best prepare employees on how to handle sensitive issues at home.
• Set up secure channels and operating procedures for third parties and supply chains. To continuously monitor supply chain partners consider a solution provided by NormShield.
• To monitor if your organization has been compromised, digital risk protection solutions like Terbium Labs’ offering can identify stolen corporate credentials and data.
• To help defend against threats that keep evolving and getting more destructive consider joining the HIVE. Smart Hive allows organizations to learn from each other in real-time and defend as one in an automated manner without adding or removing any additional security tools. An attack on one is a defense for all in the HIVE.

Taking these measures will provide much better security now, in this time of crisis, and afterward, as more organizations realize that they can leverage remote workers and maintain high levels of productivity. Our sincere wishes for everyone’s continued safety and well-being.

- The Glasswing Team