Fusion Risk Management Introduces Generative AI-powered Assistant to Help Businesses Build Resilience
Blog
Securing Remote Employees
Posted on: April 8, 2020 Author:
Safi Raza
COVID-19 has forced many businesses to have the majority of their workforce work from home. Some organizations have established policies and procedures as well as provided technology to support part of their workforce remotely; however, so many were not ready to support the entire staff working from home. These are unprecedented times, and many organizations must focus on ensuring that most, if not all, employees can work remotely. Security is often missed when the objective is to become operational within hours.
What can businesses do to secure the data?
Increase in Monitoring
The spread of COVID-19 has caused a rise in phishing scams. Criminals are aware that employees working outside the fortified corporate networks offer a much easier target. The SIEM (Security Incident Event Monitoring) alert level should be set at hyper-sensitive during these times. The new generation of SIEM offers user behavior monitoring using AI – a handy and useful feature.
Use VPN where possible
VPN provides an additional level of security. The data is encrypted, and endpoints can effectively access domain-related services. The downside is the increased load on the firewalls, and VPN routers. Some companies may not have adequate bandwidth to guarantee stable operations.
Multi-factor Authentication
Using multi-factor authentication for VPN, webmail, teleconference, and other cloud services will make compromising an account much complex. Use multi-factor authentication wherever possible.
DNS Filtering
Many providers offer DNS filtering. It secures the endpoints from known and suspicious malware sites and provides visibility in web traffic.
Data Loss Prevention
Review your DLP policies and alert levels of the DLP software and update them as needed. Disabling USB and Bluetooth are good options as well provided unauthorized cloud storage is blocked through URL filtering or other means. Run DLP agents often to ensure that they are operational.
Patches and Updates
The antivirus and other defense mechanisms can provide little help if the endpoints are running outdated and unpatched applications. Use incident management software to identify any vulnerabilities and patch them as soon as possible. Patch early and patch often.
Assess your Risk
Conduct risk assessment of your infrastructure and cloud services. Use risk management software to scan your infrastructure, AWS, Azure, and Docker, etc.
COVID-19 Phishing Campaign
It is never late for a test phishing campaign. Conducting an internal phishing campaign focused on COVID-19 can identify the weak spots and need for employee awareness training.
Lastly, review your daily security checklist and modify it accordingly. Pay attention to the security-based reports and act accordingly. Staying vigilant is the key. Learn more about pandemic-related insights and organizational resilience with the Resilience Toolkit.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Cookie Authorization Preferences
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Third-Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!