Date: 2020-05-11
Rajesh Kumar

The concept of working from home (WFH) and remote workforces is not new. However, with the unforeseen circumstances of COVID-19, most organizations have suddenly been forced to adopt this new normal. Organizations may be aware of the security issues and concerns of remote working, whether it is employees using an insecure connection, possibly exposing sensitive data while unmonitored, or falling prey to phishing lures. But WFH is now being adopted by many industries and corporates, and even the government is encouraging it, so as to comply with social distancing measures.

Unfortunately, such distressed times of uncertainty are prime time for hackers to launch attacks, and we have already seen targeted Coronavirus-themed spam emails and phishing attacks in circulation, such as: malware attacks disguised as sensationalized Covid-19 news or charity pleas; Coronavirus-themed spam planting keyloggers; email phishing scams using the names of global health bodies; e-mail addresses targeted to deliver a weaponized malware variant; malicious coronavirus maps being used to steal information; and so on. Apart from phishing and the use of malware, the latest development is that cyber criminals have developed a malicious software-laced Coronavirus tracking Android app, used as ransomware.



Most important is to step up the authentication mechanism and password management, e.g., policy around passwords (length, complexity, recycle etc.). This helps mitigate password guessing or cracking by a bad actor. Review the authentication process and increase security beyond the traditional username and password combination, e.g., hardware security keys and multi-factor authentication (e.g., 2FA, OTP, biometrics, geo-restrictions etc.).

Ensure endpoint protection (AV/AM) or EDR (endpoint detection and response) is in place and up to date at all times. Enforce and automate the process as much as possible. Adequate policies should be in place to enforce this and to prevent users from working around it. Ensure operating systems and other applications on servers as well as endpoints are patched and up to date.

Ensure you use a secure Wi-Fi network at home and avoid public hotspots or open Wi-Fi. Never use a public hotspot or open Wi-Fi for serious business or for connecting to the corporate network. Even while using a home network, take help/advice on how to change the password and disable unnecessary ports.

Plan adequate, safe remote infrastructure. Use a secure VPN and end-to-end encryption to safeguard data transmission. Use/configure a VPN gateway that extends business firewall rules to the end user.

Step up specific monitoring rules to detect attacks on remote infrastructure, and utilize threat intelligence to detect threat actors using COVID-19 related themes. Also use additional tools and solutions like DLP (Data Leak Prevention) and MDM (Mobile Device Management) to minimize the possibility of leakage and misuse of corporate data while working at home.
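One way to express such a monitoring rule, as an added example that is not from the original article: the code below scans web-proxy log lines for hostnames that match a threat-intelligence list, or that carry a COVID-19 theme without being on an allowlist. The log format, the feed entries and the allowlist are assumptions constructed for illustration, and every flagged domain uses the reserved .example suffix.

```python
import re
from urllib.parse import urlsplit

# Constructed threat-intel entries (placeholders, not real indicators).
INTEL_DOMAINS = {"covid19-relief-fund.example", "corona-map-live.example"}
# Assumed allowlist of legitimate health sites an organization trusts.
ALLOWLIST = {"who.int", "cdc.gov"}
THEME = re.compile(r"covid|corona|pandemic|vaccin", re.I)

# Constructed proxy log lines: timestamp user method url status
SAMPLE_LOG = """\
2020-05-11T09:01:12Z alice GET https://www.who.int/emergencies/diseases/novel-coronavirus-2019 200
2020-05-11T09:03:40Z bob GET http://corona-map-live.example/download/map.exe 200
2020-05-11T09:05:02Z carol GET https://covid-19-who-int.example/login 200
2020-05-11T09:06:30Z dave GET https://intranet.corp.example/wiki 200
"""

def host_of(url):
    """Return the lowercase hostname only, so themed URL paths do not trigger alerts."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def in_set(host, domains):
    """Match a domain or its subdomains on label boundaries.
    'covid-19-who-int.example' must not match 'who.int'."""
    return any(host == d or host.endswith("." + d) for d in domains)

def classify(host):
    if in_set(host, INTEL_DOMAINS):
        return "intel-match"        # known-bad per the feed: highest priority
    if in_set(host, ALLOWLIST):
        return None                 # trusted site, even if themed
    if THEME.search(host):
        return "themed-unknown"     # themed hostname not vetted: review
    return None

def scan(log_text):
    """Return (timestamp, user, host, verdict) for every suspicious request."""
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue                # skip malformed lines
        ts, user, _method, url, _status = parts
        host = host_of(url)
        verdict = classify(host)
        if verdict:
            alerts.append((ts, user, host, verdict))
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(*alert)
```
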



Therefore, it is imperative that organizations implement business contingency plans that prioritize protecting remote workforces from attacks. Securing a remote workforce (while also ensuring productivity) is the need of the hour, and there are several advised measures that should be implemented and practiced. Some of the important guidelines are below:

Therefore, to deal effectively with increased cyber risks, as IT & security professionals we advise that these be implemented as per organizational requirements and budgets, and that an expert preferably be engaged for ongoing risk assessment and mitigation, not only specific to remote access methods but as a good practice in general.