40+ Cybersecurity Tips for More Secure Remote Working During the Lockdown

Ashok Pandey
Evolving Security Threats : Cybersecurity Tips

With the entire country under lockdown, companies have had to resort to working remotely, and employees and employers have adapted to the Working from Home (WFH) culture. WFH employees face the same kinds of security risks they would encounter at their normal workplace.

However, they are more vulnerable to falling for scams. Having had to adapt overnight, employees who work with sensitive and confidential data are currently the most susceptible to cyber threats.

It is essential at this moment to monitor baseline behaviours, and any anomalous cyber activity should be looked into in real time.

Ashwin Pal, Director of Cyber Security, Asia Pacific, Unisys

COVID-19 teaches us varied lessons. CISOs must focus on cyber resilience to ensure their organizations can survive another bushfire or COVID-19 event. Every organization should come to terms with knowing whether they’re resilient enough and start working on a plan to address the gaps exposed by COVID-19.

Measures for the enterprises to secure the infrastructure –

• Deploy technology that allows client machines access to critical servers without using the VPN. The technology currently exists that effectively creates a cloaked, cryptographic peer-to-peer network between the endpoints and servers, freeing up the load on the VPNs while providing access based on least privilege.

• Again, technology exists that not only allows users access to critical applications securely but also allows granular access controls based on identities. This not only restricts access to the required application but also enforces granular role-based access controls, greatly reducing the attack surface.

• The same technology mentioned above cloaks endpoints and servers making them invisible to network mapped (Nmap) scans, making them very difficult to hack. This technology can also integrate with your SIEM or other security software which, upon detection of a security incident, can instruct the software to isolate the endpoint or server preventing east-west infection.

• This software can cryptographically segregate and cloak your backup infrastructure, preventing ransomware from encrypting backups. These controls must be augmented by good user education about the risks of phishing, downloading malicious apps and other cybersecurity hygiene, as well as good email and web filtering technology that can prevent phishing emails and other malicious downloads.

• As above, cloaked endpoints that are invisible are near impossible to hack. This is particularly important as a single mitigating control for BYOD devices that may not be as secure as corporate devices. Additional controls such as advanced malware protection, host intrusion detection systems, host firewalls and adequate patching should be implemented. Also, consider disk encryption and multifactor authentication.

• The same technology mentioned in 1-4 above will also encrypt all traffic between endpoints and servers using IPsec VPN tunnels. The keys used are ephemeral, thus removing the need for complex key management and risks around discovery and replay.

• Have an open discussion with vendors and third parties around the increased risks due to COVID-19. Ensure that they have the relevant controls in place to safeguard their data and yours. Where vendor and third-party controls are found to be lacking, access can be restricted using the software discussed in risks 1-5 above to specific areas of the environment, thus containing any potential intrusions.

• Talk to your telcos and other providers of denial of service mitigation services to help mitigate these types of attacks. Additional investment in user and network behaviour analysis, combined with the controls discussed above, can assist with detecting malicious traffic masquerading as legitimate traffic

• A key lesson from COVID-19 is that organisations must always be resilient, and a big part of this is to ensure you have robust, up-to-date and well-tested BCP and DRP plans.

• Just like prevention is better than cure, awareness is the key to stay secured. Be aware and vigilant, especially during times like these when cyberattacks are on the rise. Cybercriminals are opportunistic and the moment you lose the grip of security points, you might attract cyber attackers.

• An organization must ensure effective communication between your team members, leaders, customers, vendors and partners. This is one of the most important ways to deal with any disaster as well as avoid it.



Debasish Mukherjee, VP, Regional Sales APAC, SonicWall

There is never a ‘one strategy fits all’ security approach that businesses can follow. It differs with each organization. When multi-cloud migration occurs and companies adopt innovations, such as containers, network virtualization also needs to grow adequately in order to protect extremely complex environments ranging from public clouds to private clouds to data centers. Else, companies face blind spots of visibility and difficulties of management. Organizations must implement cloud security solutions that operate together and are easily managed like virtual firewall platforms that feature parity with its hardware firewall platform.

Dynamic and short-term spike licensing options address any unforeseen events and disaster scenarios. Secure Mobile Access enables users to leverage the economic and operational advantages of cloud platforms by launching their own virtual instances in private clouds based on VMware or Microsoft Hyper-V, or in AWS or Microsoft Azure public cloud environments.

• Just like disaster management, businesses must have plan B to be able to combat any security attack. Most businesses wait for the attack to happen and then prepare the recovery plan, which is not the right approach. Cybercriminals are re-strategizing their ways of attacks and organizations must prioritize and strengthen their security infrastructure.

• Streamline and standardize the technical processes to help employees work efficiently, regardless of their location or device.

• Use resources such as cloud-based services to foster agility and enable employees to easily and securely access the apps and data they need.

• Restrict access to business networks by allowing only authorised access to data and business resources.

• Use Software-as-a-Service (SaaS) collaboration tools to facilitate online interaction and communication.

• Regularly communicate with internal and external stakeholders to look for ways to improve productivity and security.

• Stay informed of the evolving threat landscape to adapt and respond quickly.

Prashanth G J, CEO, TechnoBind

New technologies have made common life simpler; at the same time, they have also brought a rise in cybercrime, and the fact that cybercrime now permeates every facet of society shows why cybersecurity is crucially important. It is very important to educate employees on how to secure the company data from cybersecurity attacks.

• There has been an increase in phishing attacks over the past few months, especially on work emails. As more people work from home, hackers are leveraging the current scare and panic to make the most of the situation. Security leaders must ensure that their employees are updated on different types of attacks or ways a phishing attack can take place -- not just over email but also over other channels like phone calls or online chat.

• All employees should have two-factor authentication for any company logins, be it internal applications or SaaS-delivered ones, ensuring that only the right people are accessing certain sensitive data as well as to reduce the risk of password sharing.

Diwakar Dayal, Managing Director at Tenable, India

Security should form the foundation of a remote workforce. As working from home becomes the new normal, security teams need to revisit their security policies and redesign their digital infrastructure.

• There have been countless incidents from unknown USB drives infected with malware. Unsanctioned data movements will be on the rise due to work-from-home and people will have to sometimes be “creative” on how to transfer data to get their work done. Make sure you have updated antivirus software and use trusted and encrypted USB keys if possible.

• Once a hacker, criminal organization or nation-state has gained access to this sensitive information, it's incredibly difficult to regain control of it. When you need to transfer critical or confidential data, take a few seconds to pause and reflect: can I move this data to this new location? Is the new location safe and sanctioned? Will the data in transit be protected by my VPN or other encryption means?

Aiyappan Pillai, Senior Member, IEEE and Founder-Congruent Services

At this juncture, with more people working remotely, the security perimeter can practically be assumed to be global. Hence it is equally important for both organizations and individuals to take adequate steps to secure their respective ICT infrastructure. The recommended steps focus on basic cyber-hygiene as well as behavioural aspects. The success of cybersecurity measures is dependent on correct end-user behaviour and hence is an equally important aspect to be addressed.

From an organization perspective, the following steps are recommended:

• Ensure Passwords for access and control with robust policies and strict enforcement

• Firewalls and Anti-virus to be updated with IDS, IPS, DDoS, APT protection capabilities among others

• Harden all servers whether physical or in the cloud. Those operating through cloud service providers need to ensure the same rigour

• Encryption policies and mechanisms for removable media

• Ensure aggressive logging and monitoring. Follow up on every suspicious activity. Better to be safe than sorry

• Implement Multi-factor Authentication (MFA)

• Avoid the use of notified collaboration platforms that pose cyber threats. Regularly refer to www.cert-in.org.in for notifications

• Security procedures and compliance mandates to be circulated to all employees. This is partially elaborated in the next part.

• Conduct regular cybersecurity awareness and practice training

Surendra Singh, Senior Director & Country Manager, Forcepoint

Businesses never planned security and business continuity strategies for the kind of situation we’re in currently. Even if they had, it wasn’t part of the overall security program for a 100 per cent remote workforce.

Under an extended period of stress, anxiety and desperation can make it easy to let one’s guard down when it comes to online threats. Businesses and individuals must practice security vigilance daily and always consider the authenticity of emails.

To ensure safe collaboration among the distributed workforce, businesses need to adopt security measures, and security leaders must engage with employees working remotely to encourage them to practice active security hygiene.

Cybersecurity Tips for employees to act responsibly

• Ensure Passwords for access and control

• Employees should be encouraged to log out from the corporate network at the end of every day.

• Ensure that personal devices have firewalls and anti-virus software installed, kept up to date and always on. It should also be enabled to protect any browser.

• Avoid the use of notified collaboration platforms that pose cyber threats.

• Use collaboration tools with built-in security controls for access and audit.

• Equip your IT support staff with robust and secure remote support tools.

• Regularly refer to www.cert-in.org.in for cyber-crime related notifications

• Undergo regular cybersecurity awareness and practice training

• Never use freeware solutions, even from leading solution providers. Always go in for the best-in-class solutions even if it is a paid option.

• One should change their default settings and passwords to reduce the potential impact on their work of an attack via other connected devices.

• Employees working remotely should be required to use multifactor authentication (MFA) to access networks and critical applications.

• A virtual desktop interface solution is also a good solution.

• To avoid risk, one should turn off any file-sharing on the work system and ensure the home router or Wi-Fi access point has WPA2 security enabled while accessing or working on an important document.

• Follow all mandated security procedures and practise basic cyber-hygiene such as

a. Setting strong passwords with a mix of the lower and upper-case alphabet, special characters and numerals

b. Passwords should not include generally known details from one’s personal information

c. Keep different credentials for different applications

d. Change passwords periodically

e. Never store the passwords in an easily accessible location

f. Password-protect documents

g. Log out/ close session as soon as the activity is complete

h. Do not click on emails or attachments from unknown sources

i. Make context-aware decisions when dealing with known sources

j. A primary behavioural trait that needs to be inculcated is not to take anything at face value. Verify all information or transaction. Err on the side of caution, though it may seem delicate or awkward, just like how one goes through a verification process on call or in person.

It must be understood that cybersecurity solutions are not just for large organizations but are required for all. It is not a luxury but part of basic hygiene. As seen from above, the end-user plays a major role as a potential gateway for cybercrime.

Hence, to sum up, it is apt to say that even with standard cybersecurity solutions in place, to avoid getting infected, one must make conscious efforts to stay safe both in the real and virtual worlds!
