RSM South Africa

Fighting cybercrime during mass remote working

top-article-banner-840x80px-blue.png

It is not hyperbole to say that the Covid-19 quarantine era is one of the most stressful and uncertain times in recent history. We have all become distracted by a boatload of new concerns in our lives – home schooling our children, risk of infection, and fears of an economic crisis, to name a few. A distracted workforce can easily become a careless workforce, and those are the perfect conditions for cyber criminals to prey on the vulnerable.

This is nothing new. Instances of cyber criminality were well on the rise before the Coronavirus forced us all out of the office and into our homes. Data breaches exposed 4.1 billion records in the first half of 2019 alone. The cost of digital transformation is an increased risk to sensitive corporate data and networks.

Let’s take a look at our new reality, and a few remote working security tips we can implement to reduce threats.

The current security landscape

Corporate IT infrastructures provide a healthy measure of security and protection, and as well they should – organisations spend millions on them. When people are working outside of those boundaries, however, a number of those security protocols could be nullified.

“Anytime an organisation cannot fully control the access points its workers are using to connect to data and networks, they are left open to vulnerabilities,” says Sheila Pancholi, Partner, Technology Risk Assurance, RSM UK. “Now that a significant portion of the global workforce has switched to remote working , most of us are relying on home network infrastructure and personal devices. In many cases, the security measures at these access points are woefully insufficient.

“Security on these networks and devices is likely not as robust as it would be in an office-based infrastructure,” says Pancholi. “Additionally, some of our IT departments or vendors may be running skeleton crews due to staff being furloughed, on leave or laid off. With fewer people guarding the castle, it’s easier for enemies to find their way in.”

And while threats to cyber security during remote work take many forms, there are two that seem to be the most common at present:

  • Phishing scams that exploit our concerns about the COVID-19 virus
  • Attacks targeted at remote users with insecure or outdated infrastructure

The common theme, of course, is the remote worker. Fortunately, there are some steps you can take to reduce the risk of these threats.

Turning vulnerabilities into defences

User error plays a large part in many cyber-attacks. The 2019 Kaspersky Security Awareness Report found that human error is involved in over 80% of security incidents. With our workers having been thrust onto the front line, they are now our best bet to defend against cyber-attacks. That is why we must arm them with the right tools:

  • Remote working security policy: Remind all workers of the existence of the policy, and where to find it.
  • Training: Implement a mandatory refresher training course regarding remote work cyber security for staff to discuss the evolving threats during Covid-19. It’s also a good idea to run covert phishing/whaling exercises to expose weaknesses within the remote teams.
  • Service review: Conduct a thorough service review of account management procedure to make sure it’s up-to-date.
  • Incident management process: Escalating incidents up the ladder is crucial. If you have an incident management process, make everyone in the organisation aware of it. If you do not have one, now is the time to create one.
  • Updates: Make sure all employees using corporate equipment have applied the most up-to-date antivirus software updates and patches.
  • External use: Remind workers that commercially sensitive or personal data should not be printed at home, downloaded, or saved to unencrypted removable media devices.
  • Third-party vendors: If your organisation outsources its IT, has that vendor been contacted for an updated risk assessment, post-quarantine? What new safeguards have been put into place, and how do you know they are sufficient?

In the continued fight against cyber-attacks, your best weapons are awareness and education. Now is as good a time as ever to re-examine your cybersecurity protocols and ensure that your workforce is properly prepared to fend off any security issues with working remotely .

Knowing is half the battle

Cybersecurity has always been an evolving field; adapting to the habits and behaviours of both attacker and victim alike. Right now, the operating environment is completely different than it was three or four months ago. “We’ve been reminding our clients that the corporate environment safety net is gone,” says Pancholi. “Fortunately, in the past few years we have seen a huge investment in education and awareness of cybercrime in the corporate world.”

There may be fewer people scrutinising the networks, controls may not be operating as they were before, and understandably, many people could potentially be a little bit distracted. The good news is that there are best practice ways of working in order to fight back.

Employee remote working security tips

  • When accessing networks or data for work, where possible use only the equipment issued by your organisation (work-issued laptop or mobile phone), not your personal equipment.
  • Do not use personal email for work purposes.
  • Use a VPN to access your company’s networks. Additionally, use unique passwords for your home WIFI network that are different from the shipped or factory default passwords.
  • Don’t visit unfamiliar sites, open links from unfamiliar sources, download apps onto corporate devices, or share personal information.
  • Don’t print sensitive documents at home.
  • Don’t download or save sensitive data or personal data locally.
  • Make sure you have a clear understanding and awareness of your organisation’s IT and security policies.
  • If a situation arises in which you cannot access or use the organisation’s safeguards, make management aware.
  • If you suspect a data breach, report it to IT immediately via your company’s incident reporting policy.

Manager / Executive remote working security tips

  • Conduct covert phishing tests on the remote workforce.
  • Ramp up training and awareness webinars (user population) and roundtable sessions (senior executives).
  • Ensure that all workers have run software updates and patches on company-issued devices.
  • If you do not have an incident management process in place, which everyone in the organisation is familiar with, now is the time to do it.
  • If your organisation uses a third-party IT vendor, then you should check in with them. Consider if there have been furloughs or layoffs – anything that could affect their ability to safeguard your organisation’s networks and data.
  • Somebody in your organisation should be conducting a thorough service review of 3rd party account management procedures to make sure they’re up to date.
  • With the sharp increase in online meetings, there is a strain being placed upon the underlying network infrastructure. That strain must be monitored to ensure it doesn’t affect resilience or productivity.
  • Your organisation’s network traffic should be monitored 24/7, otherwise attempts to breach the network may go unnoticed.