Maintaining organisational cyber hygiene during COVID-19 disruption
The pandemic situation we are all currently facing is causing a level of social and economic upheaval that would have been impossible to predict in modern times, and virtually impossible to fully prepare for. We are all faced with extreme challenges and must adhere to UK Government guidelines to protect our employees and stakeholders. We must respond immediately, by adapting our policies and processes to adjust to new ways of working. A remote working model is essential for many businesses to remain operational, and this will already have been or will be in the process of being implemented and rolled out quickly to prevent further disruption.
In addition, cyber criminals continue to exploit every possible weakness and vulnerability. Experts have revealed a range of COVID-19 themed phishing attacks and scam campaigns being perpetrated online.
Kate Wallyn, Head of Marketing at Adarma, asked the technical community inside Adarma what challenges we are likely to face over the coming weeks.
Bandwidth Overload – will my broadband & Wi-Fi cope?
It’s inevitable that this will cause problems over the coming weeks and months for many of us. If you have superfast broadband (above 24Mbps) you’ll cope better, but if you’re part of the 50% of UK broadband customers with less than that, you may well struggle.
So, it’s worth reminding ourselves just how much bandwidth common applications consume, so we can ensure the working members of our families can use the business applications they need to remain productive.
XBOX One, PlayStation 4 & Nintendo switch = 3 Mbps
BBC iPlayer = 1.5 – 2.8 Mbps (for HD)
Netflix = 3 – 25 Mbps (for UHD)
Amazon Prime = 1 – 25 Mbps (for UHD)
YouTube = 2.5 – 15 Mbps (for UHD)
Music & audio streaming = 1 Mbps max
1-2-1 Skype HD Call = 1.2 Mbps
Group video calls = 5 Mbps
It is likely that employees working from home may need to access sensitive business data through home Wi-Fi networks, which are unlikely to have the same high level of security controls as a traditional corporate environment. Employers should check the minimum level of Wi-Fi security is in place for their staff’s home networks (Such as Wi-Fi Protected Access 2).
One of the engineers here at Adarma has provided some useful insight this week. His broadband provider has a phone app which can be used to scan the entire home for Wi-Fi blackspots. With five people now working at his home full-time, and all in different parts of the house, he needed to know if his Wi-Fi would be able to cope. Significant blackspots were noted by the app, which automatically triggered Wi-Fi boosters to be ordered from the provider. Luckily for him they were included in his package, so it is worth checking your providers too!
With most employees working from home, enterprise VPN servers have now become paramount to a company’s backbone, and their security and availability must be the focus going forward for IT teams. it is now more important than ever that companies and IT staff set up systems to capture metrics about the performance and availability of VPN services. VPN systems are more likely to fall for phishing attacks that steal VPN account credentials. So, we must ensure VPN systems are patched and, if not already, use multi-factor authentication (MFA) to prevent unauthorised access. Lastly, set up proper logging to detect comprised VPN accounts and irregular pattern usage.
Employee Security Awareness Training – How can we protect ourselves from Phishing and Social Engineering attempts?
Strong security policies may already exist, but it is important that we review them to ensure they are adequate as our organisations transition to a new home working model. Security policies need to include remote working access management, the use of personal devices, and updated data privacy considerations for employees accessing documents and other information. You may need to review your Acceptable Use policies, staff handbook and remote working policies as well as your Information Security Policy.
In terms of Security Awareness, communication is key as staff use and access company systems in different ways. A reminder of what acceptable use really means, the challenges staff may expect and how the organisation would like them to overcome these challenges. Ensuring employees know how they can quickly and easily contact their IT departments for advice and guidance is essential.
Shadow IT – How can we prevent the use of unauthorised applications?
A remote working model, implemented quickly will often lead to staff solving their own IT challenges in the fastest possible time. Organisations are likely to see a spike in “Shadow IT” application usage and unapproved ways of working. These may include using familiar methods such as scanning/photographing documents using personal mobile phones, sharing data with USB sticks and using unapproved file sharing mechanisms. Luckily most of us have the tooling and policies to support home working these days. But companies should ensure they have additional logging and detection in place to detect unauthorised use of applications and irregular use of these systems.
Security Breach & Data Leakage – What additional measures should we be taking?
This will be an inevitable consequence of remote working and the use of Shadow IT.
Consider a scenario where your company-provided laptop is not connected to the family printer and you are facing some challenges connecting due to the VPN and security controls, but you urgently need to print a contract to sign and return to a supplier. In that case, the simplest option is to forward the document to a family member to print on your behalf.
This is a confidentiality breach and a data leakage incident and will be commonplace with multiple family members working in a home environment.
Along with the advice already provided, we should all be reviewing our security controls that are in place to detect and prevent this behaviour.
General Cyber Hygiene Advice from Adarma</p?
New ways of working and fast change are always going to bring about security challenges but there are a few steps all organisations can take that will help to ensure we are operating as securely as we can at this time.
As always, our advice is patch, patch, patch! This is particularly relevant given the increase in COVID-19 themed phishing attacks and scam campaigns being perpetrated online.
Ensure that your patching processes are still covering your entire infrastructure adequately. By this we mean check that devices are not being considered “offline” by your patching servers to ensure they are still getting regular updates.
If your staff are required to hold important company data on their laptop/Mac ensure backups are enabled and the data is encrypted.
Ensure you update or install endpoint software that provides Anti-Virus and Malware capabilities and underlying operating systems. Check web proxies, Cloud Access Security Broker (CASB) and firewalls are updated and be prepared to block new & emerging known malicious domains.
If you don’t already have email protection against Phishing & Malware, consider subscribing to these services.
Some organisations may already have BYOD policies and tooling in place for remote work as well as contingencies and disaster recovery plans. If you don’t have these in place already, we would advise against allowing staff to use their own devices unless absolutely unavoidable. In cases where there is no alternative, organisations should consider an alternative authentication, posture and user validation method to identify their employees. A self-enrolment portal and Single Sign-On (SSO) platform would be a good place to start.
A huge thank you from Adarma!!
We’d like to take this opportunity to thank the incredible team here at Adarma for remaining proactive and diligent during this time of enormous change and uncertainty. The work they do is vital, supporting many front-line organisations through our remote SOC Service and Cyber Threat Management activities.
The majority of our services are still being delivered remotely to the same high standard. Our service levels have been unaffected due to the flexibility and dedication of the Adarma team and we are doing all we can to help with the additional pressures on our customers at this time.
We realise that this is not the time to be promoting our products and services, but we also recognise that organisations may be facing a plethora of challenges relating to new remote working measures. Please do get in touch if you need some guidance. We are all in this together.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!