The world has witnessed unforeseen changes in the last few weeks led by the Coronavirus pandemic. With the nation-wide lockdown in place, various organisations have resorted to remote working for their staff. However, a challenge for organisations has been to tackle the risks of rising cyber-scams that have followed this remote working trend. Across the world, hackers are taking advantage of the situation to exploit possible vulnerabilities caused by this situation.
As a result, there have been increased cases of hacking, phishing and other online frauds coupled with cyberattacks through various viruses in the form of ransomwares, data stealers or banking malwares such as Mustang Panda, Kimsuky and many others.
In India itself, cyber criminals created fake UPI ids to lure donors looking to contribute to the PM-CARES fund. This leaves business leaders with a responsibility to ensure that appropriate authentication and access management policies are in place to protect access to their networks and sensitive data.
To ensure business continuity, it is extremely critical for employees to be well connected among themselves, their partners and customers through secure channels. Subsequently, safe instant messaging applications that allow colleagues to efficiently and securely communicate and work together is the need of the system.
Citadel (a secure instant messaging platform) and Cryptobox, both of which are already widely used by major organisations, the French government and its administrations have been made available free of cost from Thales, a global technology leader. These solutions make remote collaborative work easier and more secure.
What else can be done to ensure that the remote working experience turns out to be a safe one for both employees and organizations? A few tips and tricks can help individuals and organisations keep themselves cyber-secure while they work from home.
When it comes to employees, it is a must to abide by the company’s IT policies and not use unauthorized devices, applications, services, tools and networks. Additionally, employees must avoid sensitive conversations on unsecured communication channels.
Organisations must deploy secure environments for employees to work and communicate with colleagues, clients and others. They must combine detection tools with cyber threat intelligence to protect systems. The usage of tools such as IDS (Intrusion Detection Systems) that are enriched with information provided by cyber threat intelligence can detect attacks early and significantly reduce the amount of potential damage.
Organisations should also use multi-factor authentication (OTP, digital signatures, biometrics) to secure access to data. Robust encryption must also be in place so that even if network defences are breached, the data is rendered useless to the attacker. Organizations can also deploy solutions such as SafeNet Trusted Access to secure remote access for VPN users and cloud services such as Salesforce, Office 365 or other virtual environments, with single sign-on (SSO) and scenario-based access policies.
Organisations must also take it on themselves to educate staff about the need to protect data even as they work from the relatively informal environment of their home. These could be in the form of online trainings, reading material or simple reminders to regularly update laptops and phones with security patches.
The global pandemic of Covid-19 has indeed re-emphasised, more than ever, the need for all businesses to scale up their IT readiness and address the unique demands of continued operations, especially remote working. Cyber-security has now become a pinwheel in organisational strategy and plans, leading to continued investment and evolution in shaping it to become ready for the current hurdle and for any future challenge as well.