As the Australian economy and Australian enterprises move into various stages of lockdown measures with the outbreak of COVID-19, many employees will find themselves suddenly working from home. With these measures there are things an organization and employees can do to help remain productive without increasing cybersecurity risk.
Employees in this new remote work situation will be thinking about how to stay in touch with colleagues, stay on top of projects, find shared documents and host planned meetings with conference calls on sometimes unstable wi-fi networks. They may not be thinking about cyberattacks.
Information security professionals need to look urgently at the evolving cyber landscape and the expanded threat surface, and identify new threat vectors, as their organisations become distributed overnight with a potentially untrained, dynamic workforce. With less time for architecture, development, testing and roll-out, some of these measures may be released without the usual level of compliance or quality.
Based on our experiences working with customers who have had to pivot to new working environments quickly, we want to share some of our top tools and tricks:
In the Short Term: Build Secure Connectivity and Communication Channels
Enabling official chat tools helps employees know where to congregate for work. Many Australian organisations use Slack for its ease of use and mobility. Key players like Apple and Microsoft have their own tools too, which are useful to keep your remote workers connected. However, ensuring that these tools are protected with a comprehensive Identity and Access Management (IAM) solution will save you headaches later on. Whichever chat software you pick, provision it to users with RSA SecurID® Access and you won’t have to worry about download links getting emailed around, which could lead to users falling for phishing emails.
Remember to look at any policies you have set already, to make sure they don’t block access for users working from home.
While many employees have work laptops they use at home, it’s likely organisations will see an increase in the use of personal devices accessing company data. Using CrowdStrike Falcon Insight Endpoint Detection together with the RSA IAM solution helps manage and secure corporate data in approved apps on these personal devices, so employees can remain productive.
RSA SecurID Suite automatically discovers new devices as users connect with them, prompting them to register the device and sign in with their company credentials. You could manage more device options, like turning on multi-device authentication or enforcing password length, without interfering with users’ personal data. Be sensitive about these changes, though, and make sure there’s a real risk you’re addressing rather than setting policies just for the sake of it. Too much policy will harm adoption amongst your remote workers.
In the Long Term: Modernise Your Approach To Secure Access
When it comes to multi-factor authentication (MFA), you need to secure all of your employees all of the time. The single best thing you can do to improve security for employees working from home is to turn on MFA. If you don’t already have processes in place, treat this as an emergency measure pilot and make sure you have a team of support administrators ready to help employees who get stuck. The implementation and adoption rate of this solution will be gnarly and have its teething issues, but it will be worth the battle in the end. RSA SecurID Access ensures users have timely access to the cloud-based and on-premises applications they need from any device.
Longer term, we recommend security admins consider a program to find and label the most critical data, like Digital Guardian’s Data Protection suite, so you can track and audit usage when employees work from home. We must not assume that all networks are secure, or that all employees are in fact working from home when working remotely.
Lastly, we recommend that CISOs and senior technical board members get a dashboard view of their threat surface and risk profile with RSA Archer® Suite or RSA FraudAction™ Services. Use these tools to look for attackers masquerading as employees working from home, but be aware that access policies looking for changes in user routines may flag legitimate logons from home and coffee shops.
How to Help Your Employees:
As more organisations adapt to remote work options, supporting employees will require more than just providing tools and enforcing policies. It will be a combination of people, process and technology.
Remote workers have access to data, information, and your network. Warn your employees to expect more phishing attempts in the wake of the coronavirus shutdowns, including targeted phishing attacks under the guise of high-profile credentials.
Now is a good time to be diligent, so watch out for urgent requests that break company policy, use emotive language and have details that are slightly wrong. Crucially, ensure that your remote workers have somewhere to report to urgently and immediately if they experience one of these.
Establishing a clear communications policy helps employees recognise official messages. Emails will be busy, and inboxes overflowing – we suggest looking at video solutions, or weekly cybersecurity meet-ups that make your team feel connected. Streaming videos that staff can view at a convenient time will also help employees juggling personal responsibilities, such as school closures.
Lastly, transparency is key. Employees are currently going through a highly uncertain time and are craving clear and basic information, including how to protect their devices, and this will help you and employees stay ahead of threats. Employees need a basic understanding of conditional access policies and what their devices need to connect to the corporate network, like up-to-date anti-malware protection. This way employees understand if their access is blocked and how to get the support they need.
Working from home doesn’t mean being isolated. Reassure employees they can be social, stay in touch with colleagues and still help keep the business secure.
For New Customers to RSA SecurID® Access: Free MFA Offering
From cyberattacks to natural disasters to outbreaks of illness, business disruptions come in all forms. It’s why RSA and Loop are offering new customers the ability to securely extend the convenience of working remotely to their employees. For a limited time, you can get mobile multi-factor authentication (MFA) from RSA SecurID Access for free. You can now leverage push notification, biometric and one-time password authenticators to secure access to your cloud applications, on-premises systems, legacy systems, privileged accounts and more at no cost for 6 months.
RSA and Loop are in the business of offering peace of mind with their security solutions to help businesses move forward in times of business disruption. Register your details here: