The following article is written by Jacques van Wyk, the CEO of one of our business associates, JGL Forensic Services. We put it forward wholeheartedly as an important and relevant article on potential data and cyber security risk to business, in particular during this time of lockdown due to the coronavirus pandemic, both in South Africa and in many other parts of the world.
The coronavirus has impacted our daily lives in ways we could not have foreseen a few weeks ago.
In order to slow the spread of the virus, government and companies are suddenly forced to change the way they operate, in real-time, with no advance warning and no strategic think-tank preparation.
President Cyril Ramaphosa announced on Monday, March 23, 2020, that South Africa will go into lockdown from midnight on March 26 until midnight on April 16, 2020. Suddenly, we are all faced with the reality of trying to get our personnel organised to work from home in a very short space of time, if we are to have any hope of keeping things “business as usual.”
When routines get upset to this degree, security is often an early casualty. Make sure your employees understand, and are prepared for, the additional security challenges of remote work during the current emergency. Working from home will undoubtedly help to keep your employees safe, but in turn could put your confidential company information at risk.
Chris Hazelton, director of security solutions at Lookout, says, “Working from home or online education programs are not new. However, a large, immediate migration of people from enterprise and university networks that are closely monitored and secured, to largely unmonitored and often unsecure home Wi-Fi networks, creates a very large target of opportunity for cybercriminals. These users are outside the reach of perimeter-based security tools, and will likely have higher exposure to phishing and network attacks.” (Source)
Risks of Employees Working from Home
Here are some of the possible risks of more employees working from home as a result of the recent coronavirus outbreak:
- Sensitive documents: Sensitive documents are taken home where the level of security and care is, understandably, not the main focus or concern.
- Home security: Access to company laptops and other devices, as well as documents, is easier – again because the main focus in the home environment is not the protection of company documents and assets.
- Unsecured Networks: Using unsecured networks, such as public Wi-Fi networks or a home wireless network, makes it easy for malicious parties to access confidential information. This exposes your business to potential security threats.
- Financial transactions: In an office environment, it is easier to enforce and ensure compliance with the authorisation and processing of payments. As companies scramble to put temporary processes in place to minimise business process, realising the same level of security, control and oversight becomes exponentially more difficult.
- Using personal devices for work: An employee’s personal laptop or computer is unlikely to have the same level of antivirus software or security setups as office-based computers. This exposes your business to security threats from malicious parties.
- Legal considerations in using personal devices for work: If your company does not have a clearly defined policy governing the use of personal devices for work purposes, then you have no recourse if the device (and any information or data) is lost or compromised.
- Poor Communication: Effective communication can be compromised when employees work remotely. Text messages, for example, can easily be misinterpreted or misunderstood.
- Scams targeting remote workers: There will be an increase in malicious campaigns targeting people working from home, for example via email, man-in-the-middle attacks and so on.
- Ignoring basic physical security practices in public places: Your employee’s computer contains confidential information from your company. This could be inadvertently exposed if your employees talk loudly while working in public places, expose their laptop screens in public places or leave their devices unattended.
- Devices are lost or stolen: There is always a possibility that devices are damaged, lost or stolen. In these instances, the sensitive information on the devices becomes lost and/or compromised.
How to Minimise the Risks of Working Remotely
Here are some of the ways your employees can minimise the risks of working from home:
- Strong Passwords: Ensure all accounts are secured with strong passwords. Passwords should be unique for every account and should comprise a mixture of upper and lower case letters, as well as numbers and special characters.
- Disk Encryption: Ensure all devices use full disk encryption. In this way, if a device is lost or stolen, its data will not be accessible.
- Two-Factor Authentication: Even if accounts have strong passwords, two-factor authentication and verification is excellent additional protection.
- Use a Virtual Private Network (VPN): A VPN plays an important role in improving your online privacy by encrypting all your internet traffic so that it is unreadable to anyone who intercepts it.
- Set up Firewalls: Firewalls act as a defence mechanism, preventing threats from entering your system. They create barriers between the device and the internet by closing ports of communication. This helps stop malicious programmes entering your device, and helps prevent the leaking of sensitive information.
- Use antivirus software: Although a firewall can help, antivirus software should be the next line of defence. Good antivirus software can detect and remove malware. All devices used for remote work should have legal and up-to-date antivirus software installed.
- Use approved software (whitelist): Never download suspicious, unauthorised or illegal software onto your devices.
- Use Cloud Applications: Using web-based cloud solutions gives you better control over your data and information. They also offer better security when data encryption technology is used while transmitting confidential information from remote locations to your company’s intranet. Data is much safer within the cloud as it is kept online and encrypted, instead of being stored on a device. It also means you can regulate employees’ access where required.
- Secure your home router: Changing your router’s password as often as you can makes your network less vulnerable, meaning it’s more difficult for malicious parties to connect to it.
- Install updates regularly: Updates include patches for security vulnerabilities that have been uncovered since the last update.
- Do daily data backups: Data can be lost in several ways, so all important files should be backed up regularly – preferably in the cloud or on a separate storage device in an encrypted format. Backups for the past seven days will provide at least some ability to recover information if needed.
- Virtual solutions: The use of electronic signatures and virtual approval workflows will enhance security. Ensure your off-site employees all use the same cloud storage platforms, communication/video conferencing tools, project management tools and so on.
- Verify: Make use of teleconferencing technology (such as Skype, Zoom and similar) to ensure financial transactions actually come from a legitimate, senior member of staff before they are approved.
- Look out for phishing emails and sites: Phishing emails and sites are used by malicious parties to obtain sensitive information from your device. Make sure you check email addresses for any spelling errors, and look for poor grammar in the subject line and body. Hover over links to see the URL, and do not click on links or open attachments unless you completely trust the sender.
- Use encrypted communication: When you need to communicate sensitive information to other employees, make sure you use mainstream messaging services that come with end-to-end encryption, such as WhatsApp, Signal and Telegram.
- Lock your device: If you have to work in a public space, keep your device secure with password locking.
- Strict security policies: Strict security policies should be in place to protect the company, and should be followed by employees at all times. Any breaches must be reported immediately to limit any loss of information. Define a clear procedure to follow in case of a security breach. At minimum, your organisation should have a Data Protection and Confidentiality policy in place.
- Transparency is non-negotiable: Remote employees working with confidential company data must immediately report an incident to their superiors.
- Ensure adequate IT support: In case of IT-related problems, have IT support staff available to assist, either telephonically or via remote login.
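The sender and link checks from the phishing item in the list above can also be run automatically over a message before anyone clicks. The Python below is an added example, not part of the original article; the trusted domain, the sample message and the function names are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example.com"}  # assumption: replace with your organisation's domains
# Constructed sample message, not taken from a real campaign.
SAMPLE_SENDER = "Accounts <accounts@examp1e.com>"
SAMPLE_BODY = '<a href="http://payments.example.net/verify">www.example.com</a>'

def edit_distance(a, b):  # Levenshtein distance between two strings
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class LinkCollector(HTMLParser):  # collects (visible text, href) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self.href, self.text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.links.append(("".join(self.text).strip(), self.href))
            self.href = None

def check_email(sender, html_body):
    """Return findings for a misspelt sender domain and for misleading links."""
    findings = []
    domain = sender.rsplit("@", 1)[-1].strip("> ").lower()
    for good in sorted(TRUSTED_DOMAINS):
        if 0 < edit_distance(domain, good) <= 2:  # close to, but not, a trusted domain
            findings.append(f"sender domain {domain} resembles {good}")
    collector = LinkCollector()
    collector.feed(html_body)
    for text, href in collector.links:
        target = (urlparse(href).hostname or "").lower().removeprefix("www.")
        shown = re.search(r"[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}", text.lower())
        if shown and target and shown.group(0).removeprefix("www.") != target:
            findings.append(f"link text shows {shown.group(0)} but opens {target}")
    return findings

print("\n".join(check_email(SAMPLE_SENDER, SAMPLE_BODY)))
```

A message that passes both checks can still be malicious, so this supports the manual checks rather than replacing them.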
These are very real risks that can have serious implications for your company.
Let us help you assess the potential risk so that you have clarity on where you stand and how to implement security measures. If you are interested in an assessment, please contact me immediately.
We are working remotely throughout the lockdown period and can assist you!
Please take care, and look after yourself and your loved ones.
Jacques van Wyk
CEO – JGL Forensic Services
Co-Founder and Director, Synergygrc – “Enabling Better Business”
+2782 881 9389