The holidays may be a time for spending time with loved ones and exchanging gifts, but the gifts cybercriminals bring aren’t jolly at all. 2020 has been a rough year, and many organizations have felt the strain, particularly when it comes to cybersecurity and adapting to the changing tactics cybercriminals are employing.
This year, give your organization the gift of a good cybersecurity posture by taking steps to safeguard your digital assets.
The Cybercrime Pear Tree: How the Sudden Shift to Remote Work Has Changed the Workplace Landscape
The sudden pivot to remote work earlier this year left many organizations scrambling to continue daily operations and minimize disruption, which means cybersecurity may have fallen down your list of priorities. 2020 saw an increase in the number of cyberattacks and brought with it new attack surfaces. Paired with a distracted workforce and unanticipated staffing shortages in a multi-stress environment, 2020 created very favorable conditions for cybercriminals that are likely to continue into 2021.
The continued shift to remote work has meant that many organizations are relying on new and unfamiliar infrastructure and processes to continue daily operations. This lack of familiarity and the artificially accelerated shift to remote work means your team may not know about existing vulnerabilities in the software they are using to do their jobs. Cybercriminals are continually exploiting existing vulnerabilities in remote work technologies, so you need to ensure all software used has undergone a security audit.
However, even if your organization has thoroughly vetted all new technologies and processes, you can’t be certain that your business partners, vendors, and other third parties have been as studious, which means you need to be extra vigilant and may need to take additional steps to minimize risk to your organization.
The Human Factor
The pandemic has taken an emotional toll as well, leaving workers distracted and stressed. Personal and financial stressors leave workers more vulnerable to social engineering attacks, and remote workers may not be as vigilant about their cybersecurity posture at home as your internal security team is at the office.
As more workers call in sick or need to take time off or reduce the number of hours they are available to care for dependents or relatives, many organizations are facing unanticipated staffing shortages. At the same time, while many workers used to find working from home increased their productivity, the forced isolation, limited privacy, loneliness, and new demands brought by the pandemic have decreased productivity dramatically.
In the United States, recent data suggests productivity among professional and office workers is down 11%, and manual service and industrial workers are, on average, 17% less productive. In-house security teams have been particularly hard hit as they are forced to operate in an environment where they now face multiple crises on various fronts at any one time, each of which demands significant attention from both management and security teams. Securing a remote workforce is also more difficult than securing an on-site workforce, further adding to security workloads.
The Digital Partridges: Threats to Guard Against
Phishing Attacks Leveraging Video Conferencing Software
Many cybercriminals have begun to leverage video conferencing software such as Zoom and Skype to launch phishing campaigns. Criminals create phishing emails made to look like legitimate pending notification emails coming from Skype, Zoom, or a similar platform. When users click on the link in the email, they are asked for their username and password, which are then harvested by unauthorized users for criminal purposes.
Since social engineering attacks often rely heavily on email or other communication types such as phone calls or text messages, remote work environments are particularly vulnerable to this type of attack as users trade in-person meetings for phone calls, video conferencing calls, and text-based forms of communication.
Social engineering plays on two main factors: our innate desire to help others and emotions such as fear, urgency, or other forms of psychological distress. Cybercriminals trick or scare users into opening malicious files, clicking on malicious links, or revealing sensitive information. A sense of urgency prompts users to act quickly before they have had a chance to properly weigh the request and consider it rationally. By the time users or their superiors realize something fishy is going on, it may already be too late.
Protecting Your Presents: Steps Your Organization Can Take to Safeguard Your Digital Assets
Adjust Your Cybersecurity Strategy
Most cybersecurity strategies were developed with on-site workers in mind, so it is vital to review your cybersecurity strategy in light of remote work and adjust accordingly. You should already be reviewing your security practices at least once per year, but if your next scheduled review isn’t for a while, it might be a good idea to add an additional review to your list of New Year’s Resolutions.
You should also make sure you have a robust yet flexible cybersecurity incident response program in place. If you don’t already, you may want to consider drafting one as soon as possible. You should also review your incident response program and ensure that it takes remote workers into account and is still able to meet your organization’s security needs.
Secure Your Endpoints
An endpoint refers to any device such as a computer or mobile phone that can be used to access your network. While all the endpoints in your physical office may already be secure, you need to ensure that any home devices being used to access your network meet your security standards. Organizations that rely on BYOD (Bring Your Own Device) policies are particularly vulnerable to cybersecurity attacks since organizations don’t have direct and complete control over how those devices are being used, what other programs are installed on them, and other factors that may compromise your network’s security and leave your digital assets vulnerable.
Regular Cybersecurity Training: The Gift that Keeps On Giving
This holiday season, consider giving your workers the gift of cybersecurity training. All employees, from the lowest ranking intern up to the CEO, should receive cybersecurity training as part of their onboarding process and undergo regular refresher training.
The sudden pivot to remote work has likely affected how workers complete their daily tasks, so you should consider adjusting your current cybersecurity training program to account for these changes. You should also make sure that, as part of this training, you explain to workers why certain steps, procedures, and policies are important and how they contribute to the overall security of your company. When workers understand the “why” behind the “what,” they are more likely to see the value in additional steps and make sure to take them.
Run More Exercises
Exercises such as pen (penetration) tests and tabletop exercises are incredibly valuable.
Pen tests involve hiring an ethical hacker to stress-test your network and look for vulnerabilities. Your team can then use the insight gained by the hacker to improve your overall security. Running a pen test on your network, with a focus on any new software your remote workers are using, can help ensure that your organization isn’t left vulnerable.
Tabletop exercises act like cybersecurity fire drills: workers are given a hypothetical scenario (such as a hack or data breach) and tasked with responding to it effectively. Tabletop exercises allow workers to apply the knowledge they gain in cybersecurity training in a no-risk environment. Once the scenario is complete, you and your team can sit down and review your response’s efficacy and identify any gaps or problems that need to be addressed.
Should you experience a breach or hack, our team can help you fend off the attack, identify the root cause of the issue, and identify steps you can take to mitigate or even avoid damage and create concrete plans to help you prevent similar attacks going forward. To learn more about the cybersecurity threats 2021 is likely to bring, and what steps you can take to safeguard against them, please contact our team today.
Traveling is stressful, even when things go smoothly. Your routine is disrupted, you are in an unfamiliar place, and there is a good chance you are not as well-rested as usual. This can make you less vigilant about your cybersecurity, and if you don’t speak the local language, you may have trouble getting the information you need to make an informed decision. These factors mean that semi-public places such as airports are also a hacker’s best friend. When you are focused on making your connecting flight, figuring out what happened to your luggage, or trying to determine where your new gate is, your usual cybersecurity best practices may no longer be top-of-mind, and hackers and other cybercriminals will try to take advantage of this.
Airports, in particular, offer a false sense of security. After all, you had to be processed by security before entering, so logically an airport would be safer than other public places such as shopping malls or bus depots where just anyone can walk in. However, while airport security is concerned about cybersecurity, their main focus is protecting the airport and airlines from external threats. As such, cybercriminals may be able to operate undetected within the secure area of the airport and take advantage of the chaos of traveling to snare unsuspecting victims. USB charging ports and free wifi are two common traps that too many travelers fall for.
Free Airport Wifi
While unlimited data plans are becoming more affordable, and more common, most of us still have a cap in place. As such, free wifi can seem like an oasis in the desert. However, while you may be tempted to connect to that “Free Airport Wifi” network, how do you actually know that network is safe? If you don’t know, with absolute certainty, that a publicly accessible network is safe, the best course of action is to avoid connecting to it. A good mantra to follow in this situation is “when in doubt, go without”. If you encounter anything suspicious in an airport, including a suspicious wifi network, you should alert airport security.
USB Charging Ports
More than one traveler has realized at the most inconvenient time that their phone or laptop is about to die. Whether you need to finish that report for your boss before you land, or just want to keep your kids entertained with the iPad, a dead battery can quickly turn a smooth travel experience into a rocky one. To help travelers top up their batteries, many airports offer USB charging stations. Though you may assume it is safe to connect to these, you should be extremely wary. Hackers can and do modify chargers to log your keystrokes and steal sensitive information (including passwords) off of your phone, tablet, or laptop while it charges. While older digital devices that rely solely on power-only connections are not at risk, owners of newer models that rely on a single USB port for both charging and data transfer should avoid public USB charging ports. After all, it would be better to have to explain to your boss why you couldn’t finish that report than explain how the sensitive company information on your laptop came to be compromised, potentially exposing the entire organization to DNS spoofing or malware such as ransomware.
What You Can Do to Protect Yourself
The best thing you can do to protect yourself against cyber threats is to remain vigilant, and follow a few easy, yet highly effective, strategies.
Create a Strong Password
A strong password is necessary whether you are traveling or not, but you should be extra vigilant while in unfamiliar territory. Choosing a password that follows the NIST (National Institute of Standards and Technology) guidelines is a good place to start: Passwords should be no shorter than eight characters, avoid sequential or repetitive characters (such as 12345 or AAAAA), avoid context-specific passwords (such as passwords that include the name of the site or your name) and avoid common passwords (such as “password”). You may also want to consider investing in a subscription to a password manager, which can help you create and store long and complex passwords that are more difficult to crack.
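The four rules listed above can be enforced at the point where a password is set. The following is an added example, not part of the original article; the blocklist is a constructed sample, and the run length of four characters and the `context_words` parameter are assumptions made for the illustration.

```python
import re

# Constructed sample blocklist; a real deployment would load a large list of
# common and previously breached passwords.
COMMON_PASSWORDS = {"password", "qwerty", "letmein", "iloveyou", "welcome"}

MIN_LENGTH = 8   # minimum length stated in the text above
RUN_LENGTH = 4   # assumption: flag runs of 4+ repeated or sequential characters


def has_repetitive_run(pw, n=RUN_LENGTH):
    """True if any character repeats n or more times in a row (e.g. AAAAA)."""
    return re.search(r"(.)\1{%d,}" % (n - 1), pw) is not None


def has_sequential_run(pw, n=RUN_LENGTH):
    """True if n or more letters/digits ascend or descend by one (12345, dcba)."""
    lowered = pw.lower()
    for step in (1, -1):
        run = 1
        for prev, cur in zip(lowered, lowered[1:]):
            if prev.isalnum() and cur.isalnum() and ord(cur) - ord(prev) == step:
                run += 1
                if run >= n:
                    return True
            else:
                run = 1
    return False


def check_password(pw, context_words=()):
    """Return the list of rules the password breaks (empty list = accepted).

    context_words holds strings tied to the account or site, such as the
    site name or the user's own name (hypothetical parameter).
    """
    problems = []
    lowered = pw.lower()
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    if has_repetitive_run(pw):
        problems.append("repetitive characters")
    if has_sequential_run(pw):
        problems.append("sequential characters")
    # Very short context words are skipped to avoid matching by accident.
    if any(len(w) >= 3 and w.lower() in lowered for w in context_words):
        problems.append("context-specific")
    if lowered in COMMON_PASSWORDS:
        problems.append("common password")
    return problems


if __name__ == "__main__":
    for candidate in ("12345", "password", "correct horse battery staple"):
        print(repr(candidate), check_password(candidate) or "accepted")
```
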
Use Your Hotspot
If you really need internet access for your laptop or a tablet that does not have its own data plan, you should tether to your phone instead of relying on free wifi.
Disable Auto Connect
When you are away from home or the office, you should disable auto-connect on your phone. This will help prevent you from inadvertently connecting to suspicious and potentially compromised wifi networks.
Invest in a Battery-Powered Charger
To avoid having to rely on potentially compromised USB charging stations, you should invest in a good battery-powered charger. These chargers can often charge your phone or even your laptop multiple times before they require recharging, and can help ensure your journey is safe and smooth.
Keep Your Software Up to Date
When companies discover vulnerabilities in their software, they release patches to fix them, but you can only take advantage of the fix if you download the patch. Make sure your software (including both your operating system and individual apps) is fully up to date before you leave home. Recently patched software is also a target for cybercriminals, who know that not everyone will be vigilant about downloading the patch right away. This means that cybercriminals will specifically try and exploit recently patched cybersecurity holes in the hopes of gaining access to private and sensitive information.
Disable Unnecessary Connectivity
Your Bluetooth connection and hotspot should only be active if you are currently using them. Turning off your Bluetooth and hotspot when they aren’t in use helps ensure that your digital devices remain secure by cutting off potential paths that cybercriminals can use to gain unauthorized access.
Keep an Eye Out for Unusual Activity
Avoid using your debit card while traveling, and stick to cash for smaller purchases and credit cards for larger ones. Credit card companies provide fraud protection, which means that if you are compromised, you are much less likely to be on the hook for unauthorized purchases. While cash is ultimately the safest form of payment from a cybersecurity perspective, carrying large quantities of cash comes with its own safety hazards. You should check your credit card statements regularly while traveling, and keep an eye out for any suspicious transactions. If you do discover something fishy, you should report the suspicious activity to your credit card company right away. Suspicious activity may necessitate freezing your card, which is why you should have enough cash on hand to cover any emergencies. Your credit card company will also be able to advise you on the next steps if you have been compromised.
Whenever you visit a website, particularly one you have not visited before, you should keep an eye out for a few red flags that may indicate the site is malicious. You should always be extra vigilant when visiting your bank’s website, your email, or any other site that requires you to enter sensitive information. Poor grammar and spelling may indicate that the site is not entirely above board, and misspelled company names (particularly in the URL) are a huge red flag. Cybercriminals know that humans make mistakes, and a transposed or missed letter could land you on a site that looks like your bank’s website but isn’t (a common form of phishing). If you don’t catch this ruse before you enter your credit card information, password, or other personal information, you may have just inadvertently handed over sensitive information to cybercriminals.
When visiting a website, take a moment to look at the URL. To the left of the URL, there should be a little padlock. This padlock indicates that your connection is encrypted, meaning that any information you enter onto the website will go directly to the intended recipient. This prevents man-in-the-middle attacks, which are used by cybercriminals to exploit weaknesses in websites and intercept their traffic, including your personal information and passwords. While some web browsers may flash a warning on the screen when you attempt to go to an unsecured site, this is not always the case, so it is up to you to ensure that if you do stumble upon a suspicious site, you exit it as soon as possible.
These simple, yet effective, strategies can help you safeguard your personal information against cybercriminals both while traveling and while at home.
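The URL checks described above (a transposed or missed letter in a company name, and whether the connection is encrypted) can be automated. The following is an added example, not part of the original article: it compares a URL's host against an allowlist using an edit distance that counts a swap of adjacent letters as one change. `TRUSTED_HOSTS`, the host names in it, and the distance threshold are assumptions constructed for the illustration.

```python
from urllib.parse import urlsplit

# Assumption: a short allowlist of sites the user actually does business with.
# The names are constructed for this example.
TRUSTED_HOSTS = {"examplebank.com", "mail.example.org"}


def osa_distance(a, b):
    """Optimal string alignment distance: an insertion, deletion, substitution
    or swap of two adjacent characters each costs 1."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[0] * cols for _ in range(rows)]
    for i in range(rows):
        d[i][0] = i
    for j in range(cols):
        d[0][j] = j
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # deletion
                          d[i][j - 1] + 1,         # insertion
                          d[i - 1][j - 1] + cost)  # substitution or match
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[rows - 1][cols - 1]


def classify_url(url, trusted=TRUSTED_HOSTS, max_distance=2):
    """Return (verdict, host); verdict is 'trusted', 'unencrypted',
    'lookalike', 'unknown' or 'invalid'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    if not host:
        return ("invalid", None)
    if host in trusted:
        # Right name, but no padlock: traffic is not encrypted in transit.
        if parts.scheme != "https":
            return ("unencrypted", host)
        return ("trusted", host)
    # Not an exact match: find the closest trusted name. A lookalike is
    # flagged even over https, because encryption says nothing about who
    # operates the site.
    nearest = min(sorted(trusted), key=lambda t: osa_distance(host, t))
    if osa_distance(host, nearest) <= max_distance:
        return ("lookalike", nearest)
    return ("unknown", None)


if __name__ == "__main__":
    samples = [                              # constructed sample URLs
        "https://www.examplebank.com/login",
        "https://exmaplebank.com/login",     # transposed letters
        "https://examplbank.com/login",      # missed letter
        "http://examplebank.com/",
        "https://weather.example.net/",
    ]
    for url in samples:
        print(url, "->", classify_url(url))
```
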
If your line of work involves a lot of business travel, your company may want to consider talking to their MSSP (Managed Security Service Provider) about infrastructure changes (such as virtual private networks) and employee training that can help ensure sensitive information remains secure when employees need to work remotely. By remaining vigilant and avoiding activities that could leave your digital devices exposed, you can help ensure that the only unexpected bumps on your trip come from airplane turbulence. Bon voyage!
On the surface, a Bring Your Own Device (BYOD) policy seems like a great business move. By allowing employees to use their own devices, such as laptops, smartphones, and tablets, companies can save money and increase productivity. However, securing your network in a BYOD environment poses unique challenges from both a cybersecurity and a privacy standpoint. If you don’t address these risks properly, you could be leaving your company, and its data, vulnerable. This guide is designed to help your company smoothly transition to a corporate BYOD policy.
The Risks of BYOD
Increased Risk of Data Leakage
When you allow your employees to access corporate data using their own devices from anywhere, it increases the possibility that your data may be leaked. Mobile devices are the weakest link when it comes to network security because they are the most susceptible to attacks. Mobile phones and tablets require constant patch updates to secure security loopholes, and even a single missed patch can leave your company, and its data, vulnerable.
Increased Exposure to Vulnerabilities
Due to the nature of BYOD, companies have minimal control over any corporate data either stored on employee devices or accessed via employee devices. If an employee forgets to install a security update, connects to a suspicious wifi signal, or loses their phone, it could put your data at risk.
The Mixing of Corporate and Personal Data
Having employees use their own devices for work makes it difficult to distinguish between personal data and corporate data. If the device is lost or stolen, corporate data can be put at risk. Allowing these two different types of data to mix can also pose significant privacy concerns, especially if an employee leaves the company.
Increased Chances of Malware Infection
Not everyone is as careful with their devices as they should be. If an employee unknowingly installs malware onto their device, which is connected to the rest of your company’s network, they might end up spreading the malware to other devices. Depending on the nature of the malware, your employee may unwittingly install keylogging software, which would allow unauthorized users to learn your employee’s usernames and passwords. This obviously poses a huge security risk, since unauthorized users could use that information to gain access to sensitive or private corporate data.
Increased IT Infrastructure
When a company switches to a BYOD policy, the IT department will need to rework their existing infrastructure to accommodate a variety of personal devices. Most companies end up investing a lot of time, energy, and other resources to make sure that BYOD policies are compliant with existing security and privacy policies. You need to make sure things are done correctly to avoid having to divert more time and resources to fix problems created by a poorly implemented BYOD policy.
How to Protect Your Network While Using a BYOD Policy
BYOD can complicate your cybersecurity needs, but that doesn’t mean it is a bad idea. To help ensure your network stays secure, here are some steps you should take and some policies you should consider implementing.
Conduct an IT Audit Before Enacting BYOD
Before you begin implementing a BYOD policy, you should conduct a thorough audit of your current IT infrastructure and policies. That way you can address any potential cybersecurity gaps, problems, or conflicts with your existing IT protocols before you begin. This will not only make the changeover go more smoothly, but it will also help you ensure that you aren’t inadvertently exposing sensitive information or creating a gap in your cybersecurity when you begin to change things.
Not everyone needs access to everything. To help keep your network secure, you should add role-based access. That means that how much access each employee is granted is tied to their role, and their access is limited to only the systems and information their job requires access to. You can also restrict access on a profile basis, which will limit who is allowed to access your systems remotely and allow restrictions on some applications or filesharing to within your internal office network. This will not only improve your cybersecurity but will also make it easier for you to audit and monitor your data and better control a leak should one occur.
Require Two-Factor Authentication for Mobile Access
Both passwords and physical devices can be stolen, which is why many companies are enacting two-factor authentication processes for employees who need to access the network remotely. Two-factor authentication requires employees to use two different pieces of information to confirm their identities. Most two-factor authentication systems pair a strong password with a second factor such as a text message confirmation, a hardware element, or something else. For example, if an employee tries to log in using a two-factor authentication method from their laptop, they may be prompted to first enter their password and then send themselves a “push”. The push is generated by an app, and in order to log in, the employee must acknowledge the push using their mobile phone before access is granted.
Install Mobile Device Management Technology
One of the biggest problems with BYOD is that, because employees use their personal devices for both work-related and personal uses, corporate data and personal data can become intertwined. Installing Mobile Device Management (MDM) technology on all devices used for work helps you, and your employees, keep personal and corporate data separate. It also allows you to remotely access and remove corporate data from employee devices while keeping employee data private. This not only provides your company with stronger control over corporate data but also helps shield you from legal problems associated with accessing employees’ private information.
A lot of data leaks are the result of poorly patched software. When software companies discover vulnerabilities in their programs, they issue patches to fix them. However, patches are only useful if they are installed. Unpatched and out-of-date software is vulnerable to cybersecurity attacks because unscrupulous individuals now know exactly what vulnerabilities they can exploit to potentially gain unauthorized access. By incorporating Network Access Control (NAC), you can ensure that all devices that connect to your network are up to date on their software, including anti-virus software. Devices that are not up to date are denied network access until they are updated.
Protect Your Endpoints
Endpoint protection involves using security programs that scan all devices requesting access to your network. This software then identifies any devices that may be infected with malware or other viruses and denies them access. This not only protects your internal network but also helps safeguard other company technology assets and other employee devices.
One of the simplest things you can do to improve your company’s cybersecurity is require employees to use strong passwords. NIST (the National Institute of Standards and Technology) offers comprehensive password guidelines in section 5.1.1.1 (Memorized Secret Authenticators).
Require Immediate Notification for Lost or Stolen Devices
In a BYOD environment, employees’ personal devices are not only connected to your network but may also have corporate data stored on them. Therefore, if an employee’s device is lost or stolen, your company should be informed immediately so that you can take proactive measures to protect your corporate data. You should have clear-cut policies in place that require employees to report lost or stolen devices and make sure that all employees understand that this is the case.
Should a device be lost or stolen, you should have protocols in place for safeguarding the data stored on the device. A device locator service (such as Find My iPhone) can help you and your employees locate lost devices. However, if the device is stolen, you may need to consider wiping it so that unauthorized users cannot use the device to access corporate data. Remote wiping services can help you remove corporate data from employee devices that may have fallen into unscrupulous hands.
Create a Policy for Exiting Employees
Ending a working relationship with an employee is never pleasant, but that doesn’t mean that you don’t need to be prepared for that eventuality. You need to have clear and robust policies in place for removing corporate data and access to your network from the personal devices of exiting employees. All employees should be aware of those policies and when an employee is exited those policies should be enacted as soon as possible.
A BYOD policy is a great way to reduce costs and increase employee productivity, but if it isn’t implemented correctly, it can cause headaches and leave your corporate data vulnerable. Not everyone is a cybersecurity expert, and many businesses don’t have the resources to create a full-time, in-house cybersecurity team. That is where Managed Security Service Providers (MSSPs) come in. MSSPs can provide your company with protection and monitoring 24/7/365 and help you mitigate damage should a cybersecurity event occur.