Companies had to organize remote accesses to their emergency systems for teleworking and that made them vulnerable. How they protect themselves
Given the social isolation proposed by the Government, a large number of Argentine companies authorized the entry into their systems from remote connections in order to operate in a massive home office regime.
This implies a delicate balance between the need to avoid bass damages economic from the inactivity and risks of data hijacking (known as ransomware), as well as other leaks of sensitive information.
“We’re prepared to use digital platforms? “asked Daniel Monastersky, director of the CEMA Diploma in Management and Strategy in Cybersecurity and member of the Advisory Board of the Global Forum on Cyber Expertise.
“It is always advised that changes should be implemented little by little, in stages. Suddenly and without notice, many persons were forced to develop their activity from their homes, using platforms that, perhaps, they had never used in their lives, “warns Monastersky.
The expert points out that although there are technical requirements that each organization must meet in order to be aligned with the standards, little has been said about the importance of reinforcing the safety culture of these “new” teleworkers.
“When performing tasks remotely, vectors of attack expand and the risks increase, “says Monastersky, who wonders:” What do organizations do for workers that are not violated beyond the technical measures that they implement from companies?“
In this sense, he advises training in cybersecurity Employees to cover their webcam to avoid possible remote access and activate the double factor of authentication on all platforms on which it is available, as well as to think before publishing photos, videos, comments and other publications.
“Computer criminals are taking advantage of the despair of the population due to the pandemic in order to achieve its objectives. For this they are creating apps malicious, fake websites and campaigns via email, text messages and whatsapps“, alert.
Consequently, it becomes essential to create spaces to develop digital education and awareness campaigns, for which “governments, companies and organizations must be involved in providing this type of content to minimize risks.”
Vulnerability of the company
iProUP agreed to a Deloitte report prepared for its clients in which the consultant lists various tips for those companies that face the need to massively implement the home office and avoid computer risks,
First, the document refers to the Business they had not implemented telework systems – except for cash exceptions like systems employees – before the coronavirus crisis. This group will be the most compromised in terms of security.
In this way, Deloitte summarizes the main questions to consider before the generalization of homeoffice:
– Evaluate the scope and the remote business collaboration model based on size of the company and features of the industry
– To select tools collaboration for commercial scenarios specific. To do this, take into account the security features of the platform or remote office software
The report dedicates a section to the conditions of data ownership and privacy protection established in the use and cooperation agreement, along with industry security certifications and other features related to portability, availability, scalability, namely:
– Clarify the scope of access to office services by third parties, define the limits integration with third parties and strengthen the control security access to confidential data
– Improve the monitoring constant security from the systems area and the protection of the company’s information services and systems. If necessary, reorganize the roles for analysis and response to cybersecurity attacks
In addition, Deloitte also refers to companies that have already implemented flexible remote access and collaboration solutions already in place prior to the coronavirus pandemic.
However, this universe of companies must also ensure certain Actions not to have incidents during this period, for which the consultant recommends:
– Carry out activities of awareness Y training of information security and cybersecurity in aspects related to the model of collaboration remote from employees.
– Timely follow-up of suspicious accesses and abnormal situations
– Execute plans security for remote stage offices special and review the processes of reply corresponding emergency
– Focus attention on ensuring installations services that provide remote access and collaboration securely, such as: capacity, availability and security of VPN services, email and access to data stored on the internal network, among others
– Check –And, if possible, improve– protection measures for security of remote access services and interfaces. These include, but are not limited to, authentication multifactorial, the timely removal of privileges remote access and monitoring of these services. Also the corresponding emergency plans to improve the flexibility of network services
– Strengthen the capabilities of monitoring Y analysis security of the entire company network, paying special attention to privileged access behaviors.
– Focus on monitoring in the use of data confidential and in the services central that provide access to this data, such as email and business operations platforms
– Prioritize the access solutions and remote office approved by the company and try to avoid the use temporary software from third parties to share confidential information
– Perform timely Backups data in the cloud and provide multiple versions of historical backups
The company was uninhabited
A specific cybersecurity risk scenario can occur in neglected corporate offices, Deloitte said, advising:
– Reinforce restrictions physical access to offices
– Organize the monitoring on-site physical security
– Define schemes to respond in a timely manner to abnormal conditions on site
– Establish a remote service system for service personnel to carry out the monitoring in weather real of the computer room, the network, the systems, the operating conditions of the applications, the use of resources
– To turn off unnecessary equipment peripheral network and nodes in the office
Likewise, it is the responsibility of companies to protect the private data of employees, so Deloitte warned that in response to pandemic control requirements, companies must strictly control the access, transmission and use of such data in the process of health information statistics and employee management to ensure a limited scope of knowledge.
They should also set the level of protection clinical data and medical and avoid the use of third-party platforms for your storage or transmission, as there is an increased risk of confidential or private data leaking due to exposure in unsafe environments.
Access to systems remotely
Amid the urgency to implement home office without notice, companies were forced to allow employees to use equipment own, since they could not provide corporate notebooks.
This situation could expose data confidential on non-corporate networks, social networks and / or third-party platforms that do not have the appropriate protection measures, says Deloitte.
Also, in recent years they have entered the homes many smart network devices but with weak security features, he added.
Some of these devices also generate risks derived from an unsafe standard configuration, the absence of maintenance or provider support, the lack of updates security and access possibilities unknown by the user, Deloitte said.
Companies must identify and classify the requirements of Connection remote, identify related risks and quickly confirm the business security threshold allowed under this situation, the report explained.
In the midst of the emergency, organizations should:
– Implement a consistent layer of authentication multifactor (MFA) or progressive authentication depending on the criticality of access requests.
– Ensure that identity management processes make sure all identities from third parties with access to the company network.
– Have a view integral of the identities privileged within their systems environments, including a procedure to detect, prevent, or delete orphaned accounts.
– Focus security monitoring on elements new and strengthen monitoring in remote operation scenarios.
Cyber risks increase homeoffice. Devices that do not have the necessary protection could cause loss of data, privacy violations and ransomware-victimized systems, and proactive measures can to get better the experience of users and their safety when working under this scheme.
Dolores Olveira *