Coronavirus: Best Practices for Security Pros to Defend Enterprises

essidsolutions

A global pandemic has taken the world by storm and upended the world of IT and Security professionals as they work to support a 100% remote workforce. What steps should security professionals be taking in order to make sure their workforces are working securely? Check the areas below and find out where to focus.

COVID-19 has taken the world by storm and has forced IT and Security professionals to support 100% remote workforces that were otherwise non-existent a couple of weeks ago.

Users are still the riskiest part of any security program, and all the standard best practices still apply. Here are some tips to actually help your security team:

Establish Clear, Easy to Use Communication Channels

It is critical that users have a direct path to IT and Security departments via email, instant messaging like Slack or Teams, text, or phone. Users need to feel like they have an easy place to ask questions to get quick answers.

Refresh Security Policies and Procedures

Making security policies easy to find and understand is the next most important piece of enabling remote workers – How does a user create a ticket? What if they get a suspicious email? Is there a procedure to validate that an employee contacting them is actually who they say they are?


Endpoint Health

When it comes to remote workers, you can put your mind at ease if you’ve implemented the following on user endpoints:

Remote Lock & Wipe

Using enterprise tools or an MDM package, you’ll want to maintain control over the endpoint if it is lost or stolen. You’ll want to make sure that users know how to report an endpoint as ‘missing’ as quickly as possible and also reinforce a blame-free process.

Full Disk Encryption

Enabling strong full disk encryption for all internal drives is critical if you have a workforce with mobile endpoints.

Automatic Screen Lock

Whenever possible, administrators should make sure endpoints have a short period of inactivity before the screen locks or the screensaver turns on, requiring a password.

Endpoint Firewall

The endpoint firewall is a simple method for dropping bad packets and blocking unwanted services from connecting to your endpoint.

Automatic updates

This one is essential. Once updates (i.e. security patches) are made available for an operating system, it’s only a matter of time before someone tries to exploit the vulnerabilities they fix.

Explicit Application Block/Allow Lists

Both Windows and Mac have either native controls or 3rd party programs that can be leveraged.

Force the use of a strong, modern and up-to-date browser

This takes time and you’ll need to identify users running legacy or out of date browsers and ask them to upgrade.

Force the use of HTTPS everywhere

Related to using a strong, modern and up-to-date browser, administrators should encourage the use of HTTPS Everywhere, a free browser plugin from the Electronic Frontier Foundation.

Service Health

Your VPN appliance is probably getting more attention and the Security Team should be on the lookout for shadow IT, shadow cloud, and phishing campaigns.

Protect applications

Take inventory of applications that are exposed externally and require a login. As a matter of precaution and best practices, any externally exposed web application should require TLS.


Update your VPN Appliance

The VPN appliance is an often overlooked component when updates are coming around. Looking across VPN hardware manufacturers over the last two years reveals at least two major vulnerabilities. This device is likely the most important piece of hardware securing your network.

Monitor on-prem and cloud services

Security teams should make sure they have a thorough understanding of their exposed services both in cloud environments and for on-premise servers. It’s not uncommon for new firewall ports to be opened “temporarily”, which can expose your business to unwanted risk and unwanted visitors.
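
One way to turn the application inventory and the exposed-service monitoring described above into a repeatable check, as an added example that is not part of the original article: it compares open ports from a scan of your own address space against an approved inventory and flags unapproved ports, "temporary" approvals past their end date, and services exposed without TLS. It assumes the scan is saved in nmap's grepable (`-oG`) format; the hosts, inventory, dates and the cleartext-service heuristic are constructed for illustration.

```python
from datetime import date

# Constructed sample: nmap grepable (-oG) output for two documentation-range hosts.
SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, "
    "8080/open/tcp//http///\tIgnored State: closed (997)\n"
    "Host: 203.0.113.20 ()\tPorts: 443/open/tcp//https///, "
    "3389/open/tcp//ms-wbt-server///, 25/closed/tcp//smtp///\n"
)

# Hypothetical inventory: (host, port) -> approval end date, None = permanent.
APPROVED = {
    ("203.0.113.10", 443): None,
    ("203.0.113.20", 443): None,
    ("203.0.113.10", 8080): date(2020, 3, 1),  # "temporary" rule with an end date
}

# Assumption: these nmap service names indicate no transport encryption.
CLEARTEXT = {"http", "ftp", "telnet"}

def parse_open_ports(text):
    """Yield (host, port, service) for every open port in grepable nmap output."""
    for line in text.splitlines():
        parts = line.split("\t")
        if not parts[0].startswith("Host: "):
            continue  # skips comments and blank lines
        host = parts[0].split()[1]
        for part in parts[1:]:
            if not part.startswith("Ports: "):
                continue  # e.g. the "Ignored State" field
            for entry in part[len("Ports: "):].split(","):
                fields = entry.strip().split("/")
                if len(fields) >= 5 and fields[1] == "open":
                    yield host, int(fields[0]), fields[4]

def audit(text, approved, today):
    """Return sorted (host, port, service, reason) findings."""
    findings = []
    for host, port, service in parse_open_ports(text):
        expiry = approved.get((host, port), "missing")
        if expiry == "missing":
            findings.append((host, port, service, "unapproved"))
        elif expiry is not None and expiry < today:
            findings.append((host, port, service, "approval-expired"))
        if service in CLEARTEXT:
            findings.append((host, port, service, "no-tls"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SCAN, APPROVED, date(2020, 4, 1)):
        print(*finding)
```

Giving every temporary firewall exception an end date in the inventory is what lets the check surface it once that date has passed.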

Stay Safe Out There

Managing security across a remote workforce is challenging. Understanding what to prioritize is an important step in securing your environment and allowing users to work safely in a remote setting. By taking a holistic approach and focusing on the most critical areas first, you can make sure your organization is ready to support remote workers in a way that is safe and secure.

Censys is continuously scanning the entire Internet and provides visibility into both known and unknown assets that an organization owns. Censys offers a free tier account that users can take advantage of to monitor their attack surface, and an open-source tool to make searching via the command line or scripting easier.
