With COVID-19 being top of mind, some cyber security best practices may have fallen by the wayside. Here are 5 security measures that may have been missed by security professionals during the pandemic.
1. Two-Factor or Multifactor Authentication
In the mad rush to get office workers remote access to work from home, two factor or multifactor authentication might have been missed. Best described as “something you have and something you know,” multifactor authentication helps ensured that only the authorized user is gaining access. You don’t want to chance that an unauthorized user can get in just by guessing or buying a password. Armis CISO Curtis Simpson told Dark Reading, “If your organization doesn't already use multifactor authentication (MFA), now is the time to start. MFA should be enforced for privileged users accessing sensitive Internet-facing business services, including HR platforms, code repositories, remote access interfaces and solutions, and Internet- and software-as-a-service admin interfaces. Those who don't already use MFA should prioritize its implementation among the highest risk users, not deploy for everyone at once.”
2. VPN Access to servers
Prior to the COVID-19 pandemic, the remote workforce was very small. Many businesses did allow for some remote workers (think territory sales reps) to work from home. Many of these organizations employed VPN technology for these users. In the rush to get everyone working from home, VPN may have been bypassed for these new remote workers, either due to license constraints or issues with bandwidth.
3. Ongoing Security Awareness Training
Out of sight, out of mind. This might be the thought for some people, who, now that they are working from home, have forgotten about the helpful security department who would send out tips on avoiding phishing attempts. The helpful security department may now also be too busy to babysit workers while they are busy trying to fix other cyber security issues. Unfortunately, security awareness training is now more important that ever. There has been an increase in the number of phishing campaigns using COVID-19 as “the hook” to get people to click on a bad link or give up personal information. And as more lures are cast, workers may also become lax in how they view cyber security when working from home. It’s suddenly no longer top of mind now that the friendly IT security guy isn’t coming around to remind them about it. Take advantage of secure teleconference, web meetings and cyber tools to help train your staff while they are away.
4. Penetration Testing
You may think with everything going on right now, it is not the time for a penetration test. But this is absolutely the time for a penetration test. Wikipedia defines a penetration test as: “an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. The test is performed to identify both weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.” So much has changed since COVID-19 forced many workers into home offices. Ensuring the set-up is secure is a must. Ed Williams, director EMEA, SpiderLabs at Trustwave, said this about the rush to enable remote working, “poor planning and improper testing will lead to misconfigurations and as a worst case scenario, leave the organization vulnerable to attack from a malicious third party.” Better to test it now, than have a hacker test it for you later.
5. Vulnerability and Patch Management
Looking for vulnerabilities and patching them before they become a problem is key. Unfortunately, while cyber security professionals may be reacting to deploying secured VPN solutions, they miss the regular patch cycle. VPNs can also be the back door malicious actors are looking for, if deployed incorrectly, or if deployed with default settings. Ensuring your VPN solution has been secured properly and updated with the latest patches is key during this time. A risk-based approach to managing vulnerabilities is also key. A risk-based approach prioritizes which systems are critical, and therefore must be fixed first.
While this list may seem daunting, it really isn’t so bad if you have a trusted MSSP to help you. Uzado is here to help. If you think your team may have missed any of the above security measures, please contact us by clicking the link below.