COVID-19 and remote working
COVID-19 and remote working
Securing systems to ensure business continuity
The onset of COVID-19 is bringing a variety of business continuity challenges. As well as a growing need to work remotely, hold more teleconferences and generally remain operational, organisations need their IT systems to support less orthodox ways of working. As they get to grips with this challenge, there is a risk that these new ways of working present opportunities for attackers seeking to target the confidentiality, integrity and availability of data and systems.
Employers are likely to increase their remote working capabilities, leading them to open more resources and business-critical systems to employees working from home. This will make it more difficult to identify anomalous behaviour as the baseline standard of normal behaviour will have shifted. In addition, remote working for prolonged periods may also encourage employees to bypass security controls to make their working lives easier. For instance, employees may store more information on their laptops and portable storage devices than normal, increasing the risk of sensitive data being leaked if devices are lost or stolen.
Given the risks that COVID-19 brings, our cyber response team – which supports clients during complex cyber security incidents – has outlined some key questions to consider:
1. Do you need systems to be live while employees are not present?
While some systems are crucial to the functioning of an office filled with employees, they are not needed when teams are working remotely. These systems by nature can be vulnerable, such as printers, Wi-Fi and video conferencing technology. Easily reduce your attack surface by powering down unnecessary equipment.
2. Does your IT team have the capability to remotely monitor and respond to events?
Ensure that any monitoring tools you have in place are accessible from home, and that your IT team can access all the information they would need in the event of a network compromise.
3. What IT equipment will employees be using while working remotely and is it sufficiently locked down?
Ensure that any equipment that employees use while working remotely allows them to do so efficiently, while ensuring that access to resources and data sharing is restricted. If you are using cloud-based email and document management systems, ensure multi-factor authentication is enabled.
4. Are employees able to recognise phishing attacks?
Control Risks has identified an increase in the sophistication and frequency of phishing attacks designed to take advantage of the COVID-19 pandemic. It is critical that organisations raise employees’ awareness before and during any remote working periods. Further analysis on phishing and COVID-19.
5. Are your employees able to identify and prevent the spread of malware?
It is essential the employees do not connect their devices to the corporate network remotely if they identify any suspicious behaviour. These devices may be more susceptible to compromise because they are operating on external networks. If they can connect back into the organisation’s resources remotely, they could facilitate the spread of malware.
6. Do you have a viable backup of critical data?
Maintaining an up-to-date backup of business-critical data that is segregated away from your core corporate network is essential – now more than ever. If your network becomes a victim of data extortion attacks such as ransomware while teams are out of the office, having a recent backup will significantly reduce the time it will take to recover your business.