By Snehaa Elango, Product Consultant, ManageEngine
COVID-19 has disrupted the daily life of so many around the world in a shockingly short period. With much of the global population under lockdown, many organisations have adopted temporary work-from-home measures to keep themselves functional.
System administrators are under pressure to ensure business continuity during the pandemic. Apart from enabling employees to access organisational resources remotely, sysadmins must also ensure that security is not compromised in the process.
Security takes precedence during this pandemic
According to the Computer Emergency Response Team of India (CERT-In), the national cybersecurity agency, instances of cyberattacks on personal computers have been increasing ever since organisations around the country started implementing work-from-home policies for their employees.
It is not just private organisations that are at risk; government departments are equally vulnerable. Recently, it was reported that the Kerala Public Relations Department’s website was hacked by miscreants, who harvested personal data belonging to thousands of registered users.
In light of the economic uncertainty due to the pandemic, organisations can’t afford to let a costly security breach occur now. When an organisation’s corporate devices are used for personal needs, one wrong application is all it takes to put corporate data at risk from a security breach. When corporate devices leave the security of your network, locking down or maintaining a close watch over such devices is often your safest bet.
The best practices below can help IT admins with their tasks, both during this time of crisis and after it:
1. Prevent drive-by attacks
Drive-by attacks are one of the most commonly used malware delivery methods. Cybercriminals identify unsecured websites and inject malicious code into them. When unsuspecting users land on such pages, malware is downloaded onto their system. These downloads often happen without any user interaction.
To prevent users from landing on harmful websites, be sure to enable safe browsing for Chrome and Firefox and the SmartScreen filter for Microsoft Edge and Internet Explorer. These features ensure users don’t land on infected websites.
Sysadmins should also use a web filter to restrict downloads to trusted websites. That way, if users land on malicious websites despite safe browsing mode and the SmartScreen filter, malicious downloads are still blocked.
2. Detect and remove harmful add-ons
Browser extensions enhance users' browsing experience, but they require permissions from the user to access various aspects of the browser. With work-from-home policies blurring the lines between business and personal browsing, extensions added for personal needs could be mining enterprise data as well.
Sysadmins need to keep track of the extensions installed on corporate devices and remove the ones that are not required for business purposes.
Once granted permission, many extensions read the content present on any webpage the user visits, track browsing history, make changes to web content, and perform other potentially compromising actions. Any information present on a browser stops being secure once a user installs an extension from a questionable source or uses an extension that doesn’t have a properly secured cloud database.
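One way a sysadmin could run this inventory, as an added example that is not part of the original article or any ManageEngine product: it walks a Chrome-style `Extensions/<id>/<version>/manifest.json` tree and lists extensions outside an approved list together with the broad permissions they declare. The function names, extension IDs, allowlist and sample manifests are constructed for illustration.

```python
import json
from pathlib import Path

# API permissions that expose browsing history, page traffic or session data.
SENSITIVE_API = {"history", "tabs", "webRequest", "cookies", "clipboardRead"}
# Host patterns that match every site the user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def risky_permissions(manifest):
    """Return the sorted high-risk grants declared in one manifest dict."""
    declared = set()
    # Manifest V2 mixes host patterns into "permissions"; V3 splits them out.
    for key in ("permissions", "optional_permissions", "host_permissions"):
        declared.update(p for p in manifest.get(key, []) if isinstance(p, str))
    # Content scripts read and modify every page their "matches" patterns cover.
    for script in manifest.get("content_scripts", []):
        declared.update(script.get("matches", []))
    return sorted(declared & (SENSITIVE_API | BROAD_HOSTS))

def audit_extensions(extensions_dir, allowlist):
    """Report extensions outside the allowlist, with their risky grants."""
    findings = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        ext_id = path.parent.parent.name
        if ext_id in allowlist:
            continue
        try:
            manifest = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            findings[ext_id] = {"name": "<unreadable manifest>", "risky": []}
            continue
        findings[ext_id] = {"name": manifest.get("name", "?"),
                            "risky": risky_permissions(manifest)}
    return findings

def build_sample_profile(root):
    """Write three constructed manifests in the <id>/<version>/ layout."""
    samples = {  # constructed IDs and manifests, not real extensions
        "aaaa": {"name": "Approved SSO helper", "permissions": ["storage"]},
        "bbbb": {"name": "Coupon finder",
                 "permissions": ["tabs", "history", "<all_urls>"]},
        "cccc": {"name": "Theme pack",
                 "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]},
    }
    for ext_id, manifest in samples.items():
        target = Path(root) / ext_id / "1.0_0"
        target.mkdir(parents=True)
        (target / "manifest.json").write_text(json.dumps(manifest))
    return root
```

Extensions that are reported with an empty `risky` list are still unapproved and worth reviewing; the list only highlights the grants that match the behaviours described above.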
3. Block unauthorised applications and implement endpoint security
A good number of free applications are readily available on and off the cloud, and employees often use these tools to get their work done more efficiently. When users enjoy these free applications without the approval of IT, they put corporate data at risk. IT admins are left in the dark, trying in vain to ensure data security.
Sysadmins need to keep track of application usage to identify and block access to unauthorised applications. When keeping track of corporate devices is a necessity, a unified endpoint management (UEM) tool can help sysadmins greatly. Endpoint management and security are essential to organisations regardless of where their users are working. IT teams can lock down endpoints to restrict access to only authorised websites and applications.
Today, with users working remotely, these security measures are a necessity to ensure corporate data is safe and employees remain productive.