1 Phishing is on the rise
Attackers acted fast to take advantage of the current Coronavirus health scare. Research shows that customized phishing campaigns intended to steal credentials and spread malware are increasing.
Make sure employees use MFA solutions to decrease credential theft risks. Remind everyone – do not click links or open attachments unless sure about the source.
2 Deploy a trusted VPN with a secure MFA
Access to company assets is most likely already dependent on a VPN. But how secure is it?
As more employees work via secure connections, it is imperative to secure VPNs with a Multi-Factor Authentication service.
3 Use a Secure SSO platform
For organizations relying on cloud services and online platforms, a compromised credential can be especially devastating these days.
A Single Sign-On portal with secure authentication will prevent multiple passwords and minimize the risk for takeovers.
4 Update OS and Security Software
An obvious policy in most organizations which is usually done automatically, but might need adjustments to deploy remotely.
With employees working from home IT managers will need to make sure updates and patches are still deployed regularly.
5 Review privileged access
Privileged accounts always pose a potential threat, even more so when IT reaction time is slower.
This is a good time as any to review organizational privileges and make sure principles of least privilege are met.
6 Provide secure collaboration tools
The need for remote collaboration tools is higher than ever, and the temptation to approve anything that helps employees is high as well.
Remember that without official tools, workers are very likely to use free products and personal accounts that are, at best, less secure.
7 Back up your data
When work is done at home it’s less likely to be constantly backed up, unless employees have an easy tool that does that for them.
Not only should employees understand the importance of regular backup, they must also know how to verify it’s actually working.
8 Plan for upcoming helpdesk needs
Moving to remote work is bound to bring some unexpected IT needs from employees.
Helpdesk teams are crucial at times of change to guarantee continuity of work. They should not be overwhelmed with preventable issues such as password resets and renewals.
9 Encrypt sensitive data on edge devices
When work is done remotely, loss or theft of laptops and storage devices is simply more likely to happen at some point.
Full disk encryption is natively available in most modern laptops and mobile devices, using it (or another encryption solution) can prevent major data breaches.
10 Educate employees about basic home IT security
Homes environments are inherently less secure, potentially risking business-related assets.
Remind users, especially those handling sensitive business data, to set their own passwords on routers and smart devices and take other basic measures.