With everything going on during the pandemic, focusing on cybersecurity is often taking a back seat and bad actors are taking advantage of it. More phishing scams, ransomware in coronavirus-related apps, attacks on healthcare and research facilities — cybercriminals thrive on the chaos.
Networks with the least protection are the most vulnerable. Leapfrog recommends that all organizations, regardless of their size, have these five security practices in place at a minimum:
1. Multifactor authentication (MFA)
Remote access is the most common way hackers gain access to computers and networks. So the more you’re using remote access, the more careful you need to be. Two-factor authentication isn’t secure enough — you need the third factor, which includes a biometric or location requirement.
Set up MFA for remote access to your network and all cloud apps.
Have employees use MFA-protected apps instead of email apps whenever possible.
Remind employees often to be on the lookout for increased phishing attempts during COVID-19.
Require your cybersecurity team to verify logins, look for anomalies, and capture a secure audit trail.
2. Strict network-access privileges
The people who you allow to login to your network should be able to access what they need to do their work and nothing else. It’s easier to grant broad access but this practice increases risky behavior.
Create standards for who gets access to what and stick to it.
Set tight time limits when granting temporary access for short-term projects.
Require third-party vendors to access remotely through a designated tool — third-party vendors are the primary breach risk.
Disable access for vendors with whom you’ve suspended activity during COVID-19 and update permissions for the rest.
Require your IT security team to review access logs more often than usual and check every IP address.
3. Ransomware protection
Ransomware can hide in compromised websites, USB drives, and unsecured wireless networks and routers in addition to phishing emails. Scammers target smartphones, too, and distracted or stressed employees are more likely to let their guard down.
Disconnect your backups from your network — ransomware can encrypt backups.
Warn employees about the increase in official-looking coronavirus-related scams and scams in general.
Ramp up your security awareness training.
Consider investing in a next-gen email protection platform that uses baselines and machine learning.
4. Disaster recovery test
Don’t put off testing your DR plan because of the pandemic. The likelihood of experiencing a natural or human-made disaster has not decreased, and you need to make sure your plan works now that working environments and processes have changed.
Switch to cloud-based DR (DRaaS) if you haven’t already.
Use a DR execution team in another geographic region — they’re less likely to be affected by the same disaster or community spread.
Talk to your partners and vendors to assess their disaster preparedness. Disruptions to their businesses could impact yours.
Schedule a DR test as soon as possible, especially if a hurricane might impact your area.
Data that’s not encrypted is there for the taking. Ensure all of your company data, including data on personal devices used for work, are encrypted in transit and at rest.
Require employees to encrypt hard drives, mobile devices, thumb drives, and any other device they use for business. Encryption is built into Windows, OSX, Android, and iOS devices, so users just need to turn it on.
Confirm your cloud providers and platforms encrypt data in transit.
Confirm data stored in the cloud is encrypted.
Encrypt all offline backups stored in different locations.
This checklist covers the basics — don’t stop here. Work with your IT security team or an adviser to assess your risk and how it may have changed during the pandemic. It’s not pleasant to think about additional challenges layering on top of those brought about by the pandemic, but business continuity is the priority. Tightening security protocols and practices will serve you well now and for the coming years.