WFH: Proactively Addressing Cybersecurity Challenges

These are difficult times for everyone, trying to understand how to work with many, if not all, employees working remotely from home. Entire families are distanced from each other, while others are sharing more togetherness time than they have had in years. Beyond the disruption of adjusting to this way of working, there is the need to pay extra attention to cybersecurity.

Cybercriminals are taking advantage of overworked IT and security teams, lax security protocols on personal devices being used to work from home, and fear. They are exploiting the coronavirus situation to attack vulnerable organizations and individuals at a time when SOCs aren’t being staffed by their regular teams.

Rick Grinnell, Founder and Managing Partner has collaborated with portfolio executives, Protect Council members, and the extended Glasswing community of security experts to develop best practices for protecting companies in the current environment.

Here’s What Organizations Should Be Doing

Because of coronavirus, we are seeing greatly enhanced attacks, particularly targeting unsuspecting consumers, many of whom are your remote workers. So how can you address the increase in cyberthreats when the majority of your workforce is logging in remotely? Here are some tips:

  • Everybody has to pull together. Yes, there are security teams who oversee your regular operations, but security should always be a team effort. That is especially true now when individuals need to step up their personal security posture as they work from home.
  • As home workers may need to use personal devices for work, it is critical that these home machines are protected by endpoint security, as would be typical with managed IT assets. Most organizations will have vendors they already use and recommend for their devices. For those looking for an easy but sophisticated consumer-focused solution, Cylance offers a powerful home edition.
  • Determine if your network can handle the increased number of VPNs and remote desktop systems. Definitely leverage VPNs as much as possible, but if that is not possible for everyone, determine what other secure connection options are available. Without an enterprise solution, applications like TunnelBear will improve security.
  • Do not trust anything until you verify the source, and that includes maps, ads, apps on mobile devices, or browser plugin downloads. Enable 2FA (Two Factor Authentication) for all of your applications and log-ins. Most applications and web services (banks, brokerage accounts, etc.) have this feature.
  • Use encryption for sensitive communications and document sharing. Consider deploying solutions from vendors like Virtru or Mimecast. Encourage better password management. Usernames and passwords are even easier to steal now, so this is the time to rethink those processes. Password managers like LastPass or Duo Security are good options.
  • Understand your industry’s compliance and data privacy regulations surrounding remote work. Things like HIPAA, GDPR, and CCPA are still in effect, even if everyone is working differently.
  • Security training is more essential than ever. Continue whatever routines would be followed in office, and have security and IT teams send out regular reminders on how to identify phishing scams and fake websites. If not already used, email-based malware and phishing detection services from Mimecast or Proofpoint should be quickly deployed. Fake websites used for phishing and credential harvesting can be discovered and mitigated by solutions from Allure Security.
  • Be prepared for changes in employee behaviors and address these proactively. This is not to say that your employees are suddenly going to go rogue and be malicious insiders, but they may be printing out more sensitive documents than usual, saving confidential data on insecure home machines, or not logging off work sites before someone else uses the computer. Leadership should present guidelines on how to best prepare employees on how to handle sensitive issues at home.
  • Set up secure channels and operating procedures for third parties and supply chains. To continuously monitor supply chain partners consider a solution provided by NormShield.
  • To monitor if your organization has been compromised, digital risk protection solutions like Terbium Labs’ offering can identify stolen corporate credentials and data.
  • To help defend against threats that keep evolving and getting more destructive consider joining the HIVE. Smart Hive allows organizations to learn from each other in real-time and defend as one in an automated manner without adding or removing any additional security tools. An attack on one is a defense for all in the HIVE.

Taking these measures will provide much better security now, in this time of crisis, and afterward, as more organizations realize that they can leverage remote workers and maintain high levels of productivity. Our sincere wishes for everyone’s continued safety and well-being.

- The Glasswing Team

--

--

--

Glasswing Ventures is an early stage VC firm investing in AI and frontier tech startups that enable the rise of the intelligent enterprise // www.Glasswing.vc

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Tokenplay Gaming Platform build update announcement August 16, 2021

ISO 27001 Certification Audits: What are Stage 1 and Stage 2 All About?

{UPDATE} Car Driving 3D Hack Free Resources Generator

Simple Logic: Leads to account takeover.

{UPDATE} Playthunee Hack Free Resources Generator

I want biometric verification of my Swiss bank account Rajaaliqadar Rajaaliqadar Rajaaliqadar and…

Why Cybersecurity Matters in the Future of Genomics

To click or not to click? Avoiding SMS phishing for VAT payments

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Glasswing Team

Glasswing Team

Glasswing Ventures is an early stage VC firm investing in AI and frontier tech startups that enable the rise of the intelligent enterprise // www.Glasswing.vc

More from Medium

Move2EarnAPY: The first Sustainable, Rebase and Auto-staking Protocol On Metaverse With Earn Of…

What Are CRM Integrations? Everything You Need To Know

Cryptobric: The implementation of the customer verification system has been completed.

Мотивационное письмо