Covid-19: Top security tips to keep your team safe whilst working from home
Beyond the many challenges that Covid-19 (Coronavirus) presents to society and the economy, our businesses are set to face dramatic changes in an attempt to control the spread and impact of the pandemic.
We are beginning to see companies encouraging or enforcing that their staff work from home, especially in locations where there have been outbreaks of the virus. It is likely that over the coming weeks and months more organisations will choose to close or limit office access to protect their workforce.
But what does this mean for companies wishing to keep their employees, devices, and infrastructure safe from cyber threats? Many IT and security teams may not be prepared for such a large transition for the organisation to suddenly be working remotely.
Taking sensible measures will ensure that your team and company have the best defences in place during these uncertain times.
Strong passwords
It should go without saying, but enforcing the use of strong passwords and 2FA are the most basic steps to protecting devices and data. This is especially true when devices are leaving your place of work.
Secure physical assets
With limited or no on-site presence it is important to make sure devices are secured to protect them from both theft and tampering. Workstations, for example, that are no longer in use should be encrypted by default and powered down. Where possible lock devices away rather than leaving them on desks.
An empty office could also provide an opportunity to arrange a deep-clean of desks, shared spaces and germ-catching keyboards.
Consider updating your BYOD policies
For individuals without laptops, you may have to relax your BYOD policy to include the use of personal devices to enable staff to work remotely. This of course comes with risks as personal devices generally have poorer security measures than corporate devices. Where possible, encourage the steps in this guide are implemented to keep your organisation’s data secure.
Support staff
In the event of your organisation introducing working from home measures, it is likely that they will also have introduced a contingency plan that may outline how they intend to deal with potential challenges. For organisations with physical hardware, such as on-premise servers, critical skill sets may be required to provide support or maintenance. Having dedicated members responsible for specific locations to ensure that critical staff responsible for operations stay separated ensures that 50% capacity is retained should one group have to self-isolate.
Communication and training
For many, the transition to working from home will be disruptive for both employees and the IT and security team. The transition could come with its own distractions which could lead to staff not following general guidelines or company security policy. Sending a message to your team to remind them of security policies may go some way in making them think twice before installing that browser plugin or clicking a malicious link.
Collaboration tools
Secure collaboration tools, such as Slack and Google Hangouts are convenient and secure ways for teams to communicate. Where possible ensure collaboration tools offer end-to-end encryption and store data privately.
Use a trusted VPN
Many organisations will have a virtual private network (VPN) for its traveling workforce or for devices that leave the corporate network.
Organisations with VPN capabilities already in place may wish to review whether they can support the increase in data consumption that mass working from home would bring. Otherwise, they could risk very slow connections or a loss of connection entirely which could impact the performance of your workforce.
For organisations without a VPN in place, there are plenty of trusted open-source options available but you will need to consider the hardware and setup implications involved.
Encourage staff not to install their own VPN software. There are many examples of malware masquerading as free VPN software.
Remind travelling staff to check local laws as VPNs are illegal in some countries.
Avoid public WiFi
Public WiFi should be discouraged on any corporate device without a VPN in place and active. Alternatively, staff may wish to tether to a mobile device with a 4G or 5G connection. Whilst this is far more secure than public WiFi you may wish to consider the cost to the business in data and roaming charges.
Ensure anti-virus software is up-to-date
Anti-virus can only detect threats based on previously seen attacks. Make sure all devices leaving the office have anti-virus installed or where already in place that they are updated.
Make sure devices and operating systems are up-to-date
Updates to operating systems can fix vulnerabilities that can be exploited. Make sure all devices are updated.
Encrypt hard drives
An often overlooked consideration, devices carrying sensitive information outside of the corporate network should have encrypted disks. Workstations remaining in the office unattended should also have their disks encrypted.
Ensure that staff know how to report suspicious activity
Attackers and scammers have been known to exploit heightened emotions and panic. With staff outside of their regular routine and normal company communications impacted it is important they stay vigilant. Remind staff how to report suspicious activity, such as suspected phishing campaigns, and praise individuals who do.
Dealing with unusual behaviour alerts
IT and security teams may feel the burden caused by tools that rely on unusual behaviour or basic anomaly detections during this time. Such tools tend to over-alert because they cannot understand the difference between unusual and malicious behaviour. Unfortunately, people and devices frequently behave strangely, making understanding unusual versus malicious very difficult.
This problem could be exacerbated by hundreds of devices suddenly in use from new locations and at unusual times of the day.
Where possible, analysts or IT teams may wish to configure their systems to suppress alerts directly caused by large amounts of employees working from home. Caution should always be taken when suppressing alerts as important behaviour or genuine threats could get filtered out.
Offering our support to protect workers anytime, anywhere
We’re also trying to support the community where we can. In order to help businesses adapt successfully to new ways of working by balancing risk and maintaining an effective security function during these uncertain times, we are offering new customers 6 months free of our ‘Endpoint 360’ feature.
Additionally to Senseon’s combined network and endpoint capabilities, Endpoint 360 protects travelling and remote workers no matter if they are on or off the corporate network, and whether or not they are using a VPN.
Single-point tools such as NDR will only monitor and alert upon activity over the corporate network. Even at the best of times this limitation in coverage leaves large gaps in defenses and weakens the ability to detect malicious activity across the organisation. This can be particularly unhelpful if you have a traveling or remote workforce.
Unlike other tools, Senseon’s data-first approach looks at the behaviour of the network, endpoint devices and external intelligence from Investigator Microservices. These multiple perspectives provide extensive coverage across the organisations and allow for the accurate automation of detection, investigation and response.
Senseon helps to keep your team and devices safe even when they are not connected to the corporate network. With Endpoint 360, Senseon allows you to monitor your remote or travelling workforce 24/7 and their corporate devices wherever they are working, whether they are on or off the VPN. If your organisation is considering enforcing or encouraging a work from home measure, then this feature ensures that your organisation’s security visibility or protection doesn’t have to change.
We hope these considerations will help you and your organisation deal with the impact that Covid-19 and working from home may bring. If you would like to discuss your security operations or learn more about how Senseon can help keep your employees safe, please get in touch. mollie@senseon.io
About the author
Mollie Payne, Customer Success Manager, Senseon
Following her Mathematics degree from the University of Bath, Mollie wanted to expand on her passion for cryptography and was keen to explore a career in cyber security. Now at Senseon, Mollie supports our customers in the deployment of our technology, ensuring we provide outstanding service, and enabling customers to get true value from the Senseon platform.