Teceze Blog

With work from home becoming the new normal, professionals and students spend more time indoors. They pass time by studying online, working remotely, and learning new skills, shopping online and video streaming to keep themselves entertained. Now, there is an increased need for collaboration tools. This has increased the need for cyber controls.  For starters there could be anxious employees who are trying to connect online, this could render VPN useless or attempts by employees to bypass controls. There could be a possibility of relaxing firewall rules to get things done in a lockdown, only the business risk is heightened.

It is time to keep track of security of collaboration tools that we use, remote infrastructure needs proper technical vulnerability management. Patch management and systems hardening becomes all the more critical. Cloud security is a basic aspect of IT operations to keep organizations stable. Defense needs to be with more depth and emphasis. Multi factor authentication becomes business critical.

Proper management of access control is indispensable. A step wise approach would be to determine sensitive data, systems and networks, the roles which are required to come in contact with such systems and the business need as well as, compensating controls.  Be it a system administrator or application administrator or developer or network administrator proper segregation of work is a basic necessity to ensure reduced scope for fraud.

Security testing at a piloting phase of an application will help in reducing vulnerabilities or scope for exploits.IT and cyber security teams must account for shadow IT which implies creation of certain tools or using certain system resources that are not authorized. Emphasis must be laid on considering additional risks from using such infrastructure. These are present to augment in office IT capabilities.

Adopt and embrace virtualization for your IT infrastructure. This offers the desktop interface that is more hassle free from a security perspective. This is being one step ahead in handling additional risks arising from a lax working environment. For instance, imagine your employees working from their couch and browsing social media pages/blocked pages in between work hours from their mobile device. End point protection is of massive importance in such a scenario wherein there is minimal scope for monitoring. Alternatively, an employee may respond to a phishing email or divulge some confidential data.

End user trainings for increasing information security awareness is of considerable importance. Besides this, digital laggards can no longer afford to use cyber security as an excuse to avoid emerging technologies.

Somewhere a lot of cyber-security related communication is drowned out in emergency or crisis related communications. This is where we need to pay attention to effective means to engage audiences. Wikis, post it notes, real time querying or incident reporting anonymously are all some ways to enhance effectiveness of two-way communications. Send informatory mails to users periodically to keep them aware of latest security attacks or threat vectors.

A risk based approach to handling new attack vectors or threats is the only answer to all these concerns. To begin with, start by identifying high risk user groups, classify sensitive data and monitor for anomalous behavior patterns. For instance, if someone is accessing systems during unusual times try to log their actions/ restrict such untimely access. It could be bulk downloads of data or unusual bandwidth consumption.

Robust and scalable IT processes help in ensuring that business needs are not compromised. IT helpdesks may be more stressed or worked up now because of increasing workloads they need to tackle. Deployment of security tools may put increased demand of capabilities, here companies can explore the possibility of using contractors for quicker deployments/ surged demands. Explore the availability needs of existing collaboration tools and validate their business continuity/ disaster recovery capabilities.

Encourage employees to implement proper record/ document management and retention practices for physical copies of information. Ensure secure retention and disposal of mission critical documents. At a time when there is a hiring freeze, furloughs the demand for security consultants is increasing. The simple reason is because organizations recognize the need for recruiting more personnel in their security operations at a time when digital transformation is taking lead.

Security stack of every firm varies depending upon the approach, availability of resources. However, we need to take cognizance of security and incident event monitoring tools which need to be implemented to improve our cyber readiness. If there are some information processing facilities of the organization which are not monitored then these constitute a major vulnerability. One point we need to consider is the insecure and uncontrolled channels that employees use. This should not be the loophole in the IT infrastructure.

Many social engineering attacks are being launched on employees. These include phishing, vishing, smishing, using fake websites to deliver malware or solicit payments. A large government entity in North America suffered from a distributed denial-of-service attack aimed at disrupting services and issuing misinformation to the public. A major hospital in Europe was hit with a cyberattack that forced it to suspend scheduled operations, shut down its IT network, and move acute-care patients to another facility. And a department of a local government had its website encrypted by ransomware, preventing officials from posting information for the public and keeping employees from accessing certain files.Remote access