In the last few months there has been a huge rise in cyber security attacks as more people than ever have started to work from home during the coronavirus lockdown. Cyber criminals are seeking to exploit the fact that your employees are adapting to new behaviours and that they may not be following best practice.

For many companies, the lockdown has meant:

  • Employees are using tools they’ve never used before
  • Your IT team’s knowledge of remote cyber security may be limited
  • Employees are in a heightened state of vulnerability both personally and professionally

Remote working is now likely to become a normal part of operations for many companies. So, if your teams are going to be working from home more often, it is essential to get your remote working security methods up to scratch.

In this article, we look at the threats facing your company, and some ‘quick wins’ for remote working cyber security.

Two key cyber security threats when your teams work remotely

Working from home introduces two major risks which your organisation may not have experienced before to the same degree.

  1. Social Engineering

Social engineering hacks have always been used against businesses, but companies are especially vulnerable during the lockdown. Hackers are using three key ingredients to increase the success of their phishing and malware attacks: Volume, Relevance and Urgency:

  • Volume

Hackers are sending far more phishing emails and other social engineering campaigns than ever. Personally I have seen a direct correlation between the increased global response to Covid-19 and the number of links and attachments that have been shared with me both at work and at home; memes, GIFs, articles, blogs, opinions pieces and videos.

There is a huge amount of digital content being shared world-wide, and hackers know that as volume increases we become de-sensitised – and less likely to check it is safe.

  • Relevance

Fears about the specific nature of the crisis means social engineering messages are written to be especially relevant and engaging. Hackers are aware that we are looking out for positive news (vaccines, stock market recovery, financial support, job security) – so they have an easy set of topics that have relevance to individuals no matter where they are.

  • Urgency

Your employees are scanning the horizon for threats more than ever – this means that urgent emails with demands and requests may elicit more of an unquestioning response than usual.

We are all in a state of emergency and we are ready to take action quickly – not wanting to be left behind. Skilled hackers instil a sense of urgency in their communications – making us feel we have no option but to click their unsafe link or download their attachment immediately.

This combination of factors means that employees who are normally cautious are taking shortcuts and handing over the keys to cyber criminals.

  1. Internal and/or Accidental Data Leaks

Unfortunately data can also leak from your organisation without the need for a hacker to be involved – indeed, over two thirds of Cyber Security incidents are caused by insiders. This can be done maliciously or accidentally but largely the outcome is the same; data ends up where it shouldn’t and your business might end up paying for the consequences.

Disgruntled employees can send data outside for their own usage, to sell to cyber criminals or as an act of revenge against their current or former employer.

Even employees with the best of intentions can leak data accidentally; especially those who are new to using a personal device for work or sharing documents digitally.

 

Managing cyber security risk while your teams work remotely

Thankfully, there are several straightforward (and low cost) things you can do to reduce these risks.

Learn in more detail: download our eBook on Microsoft’s Secure Score for Office 365

Strengthen Access Control:

  • Enable Multi-Factor Authentication (MFA). This is a real low-hanging fruit when it comes to remote working security – if you don’t have MFA turned on already, make sure you are using it. With MFA, even if a hacker gets hold of log in details through an attack they are much less likely to be able to access critical and sensitive information
  • Utilise conditional access controls. Allow your security tools to automatically decide whether an access request is suspicious based on rules you define such as: where the person is trying to connect from, what device they are using, what they are trying to access.

Raise Employee Awareness

This is free and effective – less than 30 minutes spent learning by each employee will reduce your risk of data protection fines, loss of customer trust, loss of revenue and legal nightmares.

  • Ask employees to complete an online training session around personal responsibility for keeping data safe
  • Share links to cybersecurity best practice on the government’s National Cyber Security Centre website

Implement Data Loss Prevention Technology

Data loss prevention (DLP) comes in many forms; but here are a few must haves:

  • Ensure you have a properly configured, modern email system. This should have the capability to check links and attachments for viruses and malicious sites
  • Implement DLP rules on your email system. Prevent accidental leaks with warnings to the email sender or prevent malicious leaks by blocking emails from being sent externally based on their content (particular key words, data that looks personal or financial etc.)
  • Implement controls on devices that are used to access business information: These tools can enforce complex passwords, prevent copying and pasting of sensitive data, ensure virus definitions are up to date and much more

We use Intune at FITTS as it integrates with all our other security tools so that our IT team can manage everything from a single view.

Deploy Data Recovery Technology

Sometimes your protections fail and data gets out to where it shouldn’t; thankfully it is possible to recover this data.

  • We use Microsoft 365 and Azure Information Protection to classify and control data at the document level. This means that each document has controls applied which are still in place even if the document leaves our organisation. We can control who accesses a document even after it has been leaked.

Staying safe when remote working during Covid-19 and beyond

The coronavirus lockdown has introduced many new challenges to businesses, not least the threat of hacking, phishing and other cyber security threats. However, as this article shows, there are several simple steps you can take to begin reducing the risk.

If your business expects to continue with remote working in the coming months and years, it is vital to ensure that you are protected from the specific risks that come from this approach. For help developing your strategy, contact FITTS today.