Businesses the world over are considering the best steps to take in preparation for the widespread Covid-19 (Coronavirus) infection and many are feeling its impact already. Your response will very much depend on the type of organisation you work for. For businesses involved in manufacture and retail, thinking the unthinkable – a complete shutdown – is a real possibility. For the health and social care sector, where closing-up shop simply isn’t an option, prioritisation of resources and services is key. But, even if your business is online and you could theoretically continue operations normally, it’s worth considering the impact of a pandemic lockdown on your company’s digital risk.
Here are three ways your digital risk could be increased and how you can mitigate it:
When the government takes the decision to move to ‘phase 2’ of its coronavirus response – the ‘delay phase’ – businesses will be requested to limit travel wherever possible. Major corporations are doing this already with Amazon, Google, Twitter, Facebook, Nike and others already implementing travel restrictions. Global giants like these, however, already have processes and tech in place to facilitate international collaboration. For companies or departments reliant on physical presence, for example, call centres, changing policy on the fly may not be possible. Operating with a skeleton staff may well be the best way to reduce risk while keeping the lights on. Where you can enable remote working, some simple tips can help you to reduce risk:
• Make sure any devices being used off-site can be tracked and remotely deactivated in the event of loss or theft.
• Any device, including memory sticks or portable drives, used to ‘take work home’ should be encrypted to make sure data important to the business doesn’t fall into the wrong hands. Full disk encryption will help to reinforce your security.
• Use VPN connectivity to prevent third parties spying on connections.
Prevent phishing and supply-chain attacks
If some or all of your staff are working remotely, you can expect an increase in email activity. Hackers are aware of this. It’s very common in targeted phishing attacks to monitor email and wait for key staff to be on vacation before criminals spring into action. If there is a wide-spread lockdown in place within your supply chain the risk increases further. But, once again, there are plenty of straightforward steps you can take to mitigate it:
• Treat every email with suspicion. If you do this, it will be much harder for your teams to be caught out. Checking links before clicking and comparing bank details with previous transactions are quick and simple measures which anyone can implement.
• Put the right processes in place. Make sure transactions are authorised correctly and, ideally, by more than one person. You might want to add additional steps, for example, phoning suppliers to check details or suspending automated payments.
• Encourage employees to report anything that looks suspicious and share verified phishing attempts with staff to increase awareness.
Manage application access
If you need to provide remote access to applications, using a VPN can improve security but that’s only half of the story; especially if you have applications that are normally restricted to on-site access. Making a clear plan and policy to manage ‘who needs’ and ‘who gets’ access will help you understand the measures you need to put in place. Many business applications provide features to make access more secure and you should make use of them in situations like this.
• Enable two or multi-factor authentication. If you’re relying on mobile text for authentication, using a company phone number is best. Use IP whitelisting to determine where it’s ok for your staff to access applications from if you can.
• Enforce the use of a password manager to prevent passwords being saved or shared using email or other productivity applications.
• If you continue to progress development projects during a lockdown, make sure remote container/server access is restricted and secure. And then, check again. If possible, use a third party penetration testing service to make sure your set up is secure. Don’t use authentic data in any Cloud development environment.
Lowering Digital Risk at any time is simply good business
Even the most risk-averse businesses with the best security process and systems in place can be vulnerable to attack. Recent attempts to break into customers’ loyalty card accounts at Tesco and Boots were fuelled by credentials stolen in completely unrelated data breaches. Where stolen credentials involve business email addresses, the stakes are even higher; especially when companies are providing remote access to applications for the first time.
At Skurio, we believe this provides further evidence of the importance of routine monitoring for exposed data outside the network. Early breach detection for compromised credentials means your business will be better equipped to take proactive action, if data has been leaked onto the Dark Web. There’s a lot that can be done to minimise damage, taking action faster will reduce risk and fall-out.