Three tips on how to manage Cybersecurity risks during Corona

The current global quarantine caused by the Covid virus has created the largest remote workforce in the history of civilization and changed the overall daily operation of companies. In addition, it looks like the home office will be a part of life in many of the companies also after the virus. This sudden change requires end-user security. In order for individual work teams to continue to function properly, they need technology that gives them access to all the resources they need. This requires the extension of security accessories, such as multi-factor authentication or endpoint device management.

Therefore, in recent months, IT companies have placed great emphasis on ensuring their functioning with regard to the cybersecurity threats that remote work brings. However, effective management of this situation requires multiple strategies that ensure that the transition to remote network operation remains secure. Here are some examples of how this security can be achieved.

1. Managing of Shadow IT Activities

By “shadow IT activities” we mean employees who accessing services and applications outside of corporate IT. Most remote employees engaging in this practice aren’t “bad actors”, they are simply filling knowledge or process gaps with a familiar and easy-to-use technology tool. This often involves using riskier apps interfaces with colleagues and/or sharing company documents through insecure communication channels. Shadow IT risk prevention requires companies to take a proactive plan. What do employees get access to? How will the company with the lowest possible risk ensure that the use of current work tools is also possible in remote work? Can a company use a secure platform instead of regular chat apps that aren’t secure enough?

2. Analysis of Traffic

When remote employees use unsecured devices, the company needs to find ways to analyze network and application traffic. Otherwise, you need to reckon with malware and viruses. Attacks at the application layer are using app or protocol vulnerabilities to penetrate web servers, voice services, or other entry points. Network threat detection tools can spot suspicious behaviors at various endpoints, so companies can better protect themselves from devices that have little or no built-in security.

3. Specific Training Content building

A classic regular employee who has moved to a home office is usually not an IT expert. This shows how much is important the need for remote employee education. Unlike office work, remote work requires more rigorous training for employees to understand how to use individual platforms to reduce potential risk. This should include guidance on how to:

  • Access the corporate VPN
  • Understand and avoid phishing and smishing schemes
  • Employ strong password and MFA practices
  • Avoid unsecured Wi-Fi networks
  • Use internet searching responsibly

Conclusion

The home office is likely to be here to a greater extent also after Corona. The role of security departments is therefore to transform their operations for this new reality with enhanced training, expanded apps for collaboration and access, and traffic analysis to keep workers and the company safe and secure.

Source: securitymagazine.com