As the world is grappling with a deadly pandemic and a sliding economy, people around the world are practicing social distancing to slow the spread of the disease. Work from home being the new normal has brought a sudden wave of change of working in the corporate world and is opening new avenues for cybercriminals. The rapid transition of remote working has left companies’ networks vulnerable to hackers. According to a KPMG report, this lockdown has caused 18 million daily malware and phishing attempts and 24 million cases of COVID related spam messages. Here’s what you need to know to keep enterprises safe-
- Using a virtual private network (VPN)
Employees working remotely use their home networks which will not be as secure as the enterprise networks. It is essential that the employees should connect to the company network through a VPN with two-factor authentication which adds a layer of redundancy to ensure that only the actual account owner can access their account. It also acts as an alert when an unauthorized user is attempting to log into an account.
- Implementing privileged access management (PAM)
Since most of the security and risk teams are operating in a remote environment, they will face the challenge of providing granular access to corporate resources. Remote working conditions make a conducive environment for insider threats. Data administrators often lack contextual information about data users and requesters which is an essential factor to consider for granting data privileges. Enterprises should consider implementing PAM which plays an important role in data integrity such as authentication protocols, automated password encryption, regular auditing and reporting etc. This can reduce the difficulty of streaming workflows as well as provision and deprovision access to corporate data based on prescribed roles.
- Performing basic endpoint hygiene checks
Security teams must perform basic endpoint hygiene and connectivity performance on systems. Corporate systems should have the minimum viable endpoint protection configurations for off-LAN activity. Employees who are using it for work should have anti-malware capabilities installed and must be in synchronization with corporate endpoint protection platform vendors to ensure the device is free from vulnerabilities. Mechanisms such as software-token based multifactor authentication should be used to ensure only authorized personnel have access to corporate applications and information remotely.
- Self-supervised AI
The use of self-supervised AI can thwart threats. Self-supervised AI is based on machine learning which is capable of identifying and labeling as threats, events that earlier required human intervention and were time-consuming. It functions by collecting data to form a baseline of the network, and detection of any abnormality in network performance will alert the security team.
- Creation of new network baselines
Working from home has the advantage of flexible work schedules which simultaneously changes the network baseline behavior hence the detection of anomalous behavior has become a challenge for the security analysts. Internet usage has catapulted from 30% to 50% in the lockdown period which underlines the need for creating new network baselines. It is imperative that the analysts create new network baselines for behavior by correlating anomalous behavior with the VPN traffic. Since employees are at remote locations, authenticating the users by tracking their source IP address will be an improper baseline.
This pandemic has brought a lot of uncertainty, especially when it comes to safeguarding the data of your enterprise. The challenges of this pandemic should not disrupt your enterprise’s productivity and functionality.
Authored by:- -Mr. Shomiron Das Gupta, CEO, DNIF
(The views expressed in this article are by – Mr. Shomiron Das Gupta, CEO, DNIF. Technuter.com doesn’t own any responsibility for it.)