Cyber security code.jpg

Working From Home Cyber Security

By Get Indemnity™

 

Many businesses have faced a challenging time, with cyber security a growing concern as many businesses have had to set up working from home practices

With an increased reliance on remote working, it’s prudent to maintain effective cyber security controls and cyber insurance to safeguard your business.

Employees still need to be alert to unusual emails or social media approaches. Links within spoof emails and text messages remains the most common source of a cyber security attack. Whereas, it is increasingly important that any requests for the transfer of money are double-checked using a trusted source.


Eight remote working cyber security tips:

 

1) Antivirus software

Antivirus protection offers remote working security against a host of threats, including malware, spyware, viruses, trojans and worms. Comprehensive antivirus software for your employees whilst they work from home can offer significant protection. Plus, it will automatically update itself to guard against new and emerging threats.

 

2) Multi-factor authentication

Multi-factor authentication for login has become an increasingly important tool for businesses to maintain protection with unprecedented levels of working from home. Which means, even if an employee’s password has been accidentally compromised, access to your systems cannot be obtained.

 

3) Cyber education and training

Employees should be reminded of the importance of password protecting their devices to prevent other third parties accessing sensitive files. Education remains a key tool to identify, manage and respond to a potential cyberattack. Direction should be provided on secure storage, management of user credentials and incident reporting. 

 

4) Cyber incident response

Cyber security risks can occur even when employees follow the procedures and guidelines. Incident response plans should be sufficiently flexible to deal with the range of cyber security incidents that could occur. A cyber insurance policy with access to specialists can offer the knowledge and support required to mitigate the potential damage.

 

5) Secure your home wireless network

Ensure the security of your home Wi-Fi network by creating a new and unique password – you can do this by going to your router settings page (type “192.168.1.1” in your browser). You should make sure that network encryption is enabled – check your router is using the most secure encryption called WPA2.

 

6) Use a business VPN

Virtual Private Network (VPN) offers a greater level of security by encrypting your data and shielding your online activity from potential cybercriminals. However, your VPN can also come under attack, so it is important to use sufficient controls to gain access (i.e. multi-factor authentication).

 

7) IT equipment and software

This can be difficult if employees are being forced to use their own IT equipment at home. Companies should understand the risks associated with using a personal device for business purposes. Without business hardware, non-audited software and applications, which are far more likely to lack adequate security to detect malware, providing an attacker with a route into their business network. 

 

8) Network monitoring

Monitoring networks closely and routinely for suspicious activity should be undertaken regularly, however not always achievable in the current working from home climate. There should therefore be greater emphasis on employees spotting possible cybercrimes. 


Cyber security question-set – does your business apply a high level of controls whist your employees work from home?


HOME EMAIL SECURITY

  1. Do you pre-screen e-mails for potentially malicious attachments and links? 
  2. Do you provide a quarantine service to your users? 
  3. Do you have the capability to automatically detonate and evaluate attachments in a sandbox to determine if malicious prior to delivery to the end-user? 
  4. Do you strictly enforce Sender Policy Framework (SPF) on incoming e-mails? 
  5. How often is phishing training conducted to all staff (e.g. monthly, quarterly, annually)? 
  6. Can your users access e-mail through a web app on a non-corporate device? If Yes: do you enforce Multi-Factor Authentication (MFA)? 
  7. Do you use Office 365 in your organisation? If Yes: Do you use the Office 365 Advanced Threat Protection add-on? 
 

REMOTE WORK INTERNAL SECURITY 

  1. Do you use an endpoint protection (EPP) product across your enterprise? 
  2. Do you use an endpoint detection and response (EDR) product across your enterprise? 
  3. Do you use MFA to protect privileged user accounts? 
  4. Is a hardened baseline configuration materially rolled out across servers, laptops, desktops and managed mobile devices? 
  5. What % of the enterprise is covered by your scheduled vulnerability scans? 
  6. In what time frame do you install critical and high severity patches across your enterprise? 
  7. If you have any end of life or end of support software, is it segregated from the rest of the network? 
  8. Have you configured host-based and network firewalls to disallow inbound connections by default? 
  9. Do you use a protective DNS service (e.g. Quad9, OpenDNS or the public sector PDNS)? 
  10. Do you use an endpoint application isolation and containment technology? 
  11. Do your users have local admin rights on their laptop / desktop? 
  12. Can users run MS Office Macro enabled documents on their system by default? 
  13. Do you provide your users with a password manager software? 
  14. Do you manage privileged accounts using tooling? E.g. CyberArk 
  15. Do you have a security operations center established, either in-house or outsourced? 
 

BACK-UP AND RECOVERY POLICIES 

  1. Are your backups encrypted? 
  2. Are your backups kept separate from your network ('offline'), or in a cloud service designed for this purpose? 
  3. Do you use a Cloud syncing service (e.g. Dropbox, OneDrive, SharePoint, Google Drive) for backups? 
  4. Have you tested the successful restoration and recovery of key server configurations and data from backups in the last 6 months? 
  5. Are you able to test the integrity of back-ups prior to restoration to be confident it is free from malware? 
 

Action Fraud has warned that coronavirus-related cyber security fraud reports increased by 400%, with working from home being a material factor. With the UK topping the list for being the most heavily targeted nation for Covid-19 related email spam, according to research by cyber security and defence company Trend Micro.

 



by Get Indemnity™

This guide is for information purposes and based on sources we believe are reliable, the general risk management and insurance information is not intended to be taken as advice with respect to any individual circumstance and cannot be relied upon as such.