Download Word Document: Click Here
Cyber Criminals are Out in Force to Take Advantage of New Vulnerabilities
By Michael Mullin, President
Integrated Business Systems
The past week has pushed businesses and employees into uncharted waters. Companies in “essential” and “non-essential” categories alike have shifted to partial or fully remote operations with little lead time – and while a positive step to promote social distancing, this has created disruption as staff and management work to settle into this new work-from-home reality. Cyber criminals are taking full advantage of the opportunity. Globally, we have seen a marked increase in cyber attacks as these bad actors recognize increased vulnerability in the form of additional attack vectors and distracted technology users.
The following suggestions can help businesses fight back.
Remote configurations and rules:
- If possible, remote team members should work on computers and systems dedicated for work vs. personal use.
- If possible, connection by a network cable and static address is preferable to a WIFI network.
- All remote work software, including Endpoint Protection software, should be managed and kept updated by an IT professional.
- End-users with inquiries should have access to both internal and third-party vendors for monitoring and support.
- All organizational information should be stored only in clearly defined, authorized locations.
- Login credentials and permissions should not be shared among employees.
- Employees should be directed not to work on personal matters while connected remotely to the workspace. When the dust settles, develop or implement a formal acceptable use policy (how employees are permitted to use company-owned PCs, devices, software, Internet access and e-mail).
Education, awareness and support:
- Raise awareness and reiterate the need for vigilance around e-mail based targeted attacks, with a strong emphasis on email dealing with the COVID-19 issue.
- Increase general discussion of cybersecurity amongst organizational employees and vendors.
- Education should be ongoing – not a one-time thing. Building knowledge is building power when it comes to minimizing human error.
- Refine remote working procedures in light of the current situation and make available a “hotline” for employees in need.
We are dealing with an unprecedented situation on many levels, and it continues to evolve. The good news is that tech advancements are enabling many organizations to keep their businesses running while doing their part to keep their employees – and communities – safe and healthy. Still, establishing and maintaining a secure remote operation can be complex. Even companies with a current network installed and secured by a trusted IT person or vendor would be well served to have a third party take a look and validate that nothing was overlooked.