Organizations worldwide are keeping employees at home.
What can we, as organizations and as employees, do to stay safer and more secure online at a time when malicious actors are increasingly running targeted attacks that exploit the ongoing COVID-19 pandemic?
Here are a few tips to consider when you're working from home.
Use unique passwords
There are many reasons for this, but a common cause of failure is that people sometimes use the same password for multiple accounts and services.
Credential stuffing is an automated attack that injects breached username and password combinations into sign-in forms to try to get into your account. These attacks are gaining momentum every day, and the list of breached passwords is ever-growing.
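An added example (not from the original post) of what credential stuffing looks like from the defending side: the Python below flags a source that tries many different usernames only once or twice each and mostly fails. The log format, thresholds and function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sign-in log (not real data): timestamp, source IP, username, result.
SAMPLE_LOG = """\
2020-03-20T09:00:01Z 203.0.113.7 alice@example.com FAIL
2020-03-20T09:00:01Z 203.0.113.7 bob@example.com FAIL
2020-03-20T09:00:02Z 203.0.113.7 carol@example.com OK
2020-03-20T09:00:02Z 203.0.113.7 dave@example.com FAIL
2020-03-20T09:00:03Z 203.0.113.7 erin@example.com FAIL
2020-03-20T09:00:03Z 203.0.113.7 frank@example.com FAIL
2020-03-20T09:05:10Z 198.51.100.20 grace@example.com FAIL
2020-03-20T09:05:25Z 198.51.100.20 grace@example.com FAIL
2020-03-20T09:05:41Z 198.51.100.20 grace@example.com OK
2020-03-20T09:10:00Z 192.0.2.10 alice@example.com OK
2020-03-20T09:11:00Z 192.0.2.10 bob@example.com OK
2020-03-20T09:12:00Z 192.0.2.10 dave@example.com OK
2020-03-20T09:13:00Z 192.0.2.10 erin@example.com OK
2020-03-20T09:14:00Z 192.0.2.10 frank@example.com OK
"""

def parse(log):
    """Yield (ip, username, succeeded) for each line of the assumed format."""
    for line in log.strip().splitlines():
        _ts, ip, user, result = line.split()
        yield ip, user, result == "OK"

def flag_stuffing(log, min_users=5, max_tries_per_user=2, min_fail_ratio=0.8):
    """Return sources that try many usernames, a try or two each, mostly failing."""
    tries = defaultdict(lambda: defaultdict(int))  # ip -> username -> attempts
    fails = defaultdict(int)                       # ip -> failed attempts
    hits = defaultdict(set)                        # ip -> usernames that signed in
    for ip, user, ok in parse(log):
        tries[ip][user] += 1
        if ok:
            hits[ip].add(user)
        else:
            fails[ip] += 1
    flagged = {}
    for ip, per_user in tries.items():
        total = sum(per_user.values())
        if (len(per_user) >= min_users                          # many accounts
                and max(per_user.values()) <= max_tries_per_user  # not one-account guessing
                and fails[ip] / total >= min_fail_ratio):         # most pairs do not work
            # A success from a flagged source means a reused, breached password:
            # those accounts need a password reset.
            flagged[ip] = {"users": len(per_user), "attempts": total,
                           "successful_logins": sorted(hits[ip])}
    return flagged
```

The user who mistyped a password twice and the shared office address with all-successful sign-ins are not flagged. Real campaigns are often spread across many source addresses, so a per-IP count like this is only a first filter.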
Troy Hunt built and maintains the HaveIBeenPwned website, which is a fantastic resource to stay up to date with data breaches and possibly leaked credentials and passwords. If you are curious whether your accounts or e-mails are at risk, visit this site and run a quick search.
My tip is to use a password manager to handle the burden of complex passwords.
I use 1Password as a password manager. It has proven to be fantastic for me and comfortable enough to handle. There are many password managers out there, and there are great resources comparing them available.
Now, if you have MFA (Multi-Factor Authentication) enabled, you can worry less about the password complexity, but it is still something to consider. Read about MFA below.
Use Multi-factor authentication
If your organization isn't enforcing MFA (Multi-factor authentication), you should see if you can enable it yourself. There are no excuses not to use it, and according to published research from Microsoft, 99.9% of attacks are effectively blocked if you have MFA enabled. I think that's more than enough reason to enable this feature.
Depending on what systems and platforms you are working on, the methods for enabling MFA will differ.
- To learn more: What is MFA? (Wikipedia)
- To enable it for your accounts: This depends on the service and platform you and your organization are using. If you don't have MFA enabled, reach out to your Helpdesk, closest IT Department connection, or administrator for more information.
Firewalls come in many shapes and sizes. A firewall can be software on your device or laptop, hardware in your Wi-Fi router, or an external firewall sitting in your network.
If you have a hardware firewall, ensure that it's enabled and that your devices' network traffic is flowing through it. Many routers already come with built-in firewalls, which also helps. Ensure your router's firewall is enabled.
I am running UniFi devices from Ubiquiti in my home, and there are some strong industry-grade security layers in their hardware available. Whatever hardware peripherals you have, take a look to ensure the firewalls are enabled and that all encryption mechanisms are switched on.
I'm an avid Windows user. I am using Windows 10, which comes with built-in capabilities for protecting the devices. Whether you are on the Windows OS ecosystem or something else, try to ensure that you have the necessary firewalls enabled and configured on that device.
Phishing and scam e-mails are on the rise for COVID-19
There is a global pandemic causing lives to be lost, and healthcare systems are overloaded. The global and local economies are suffering. Still, there is a growing number of attacks happening - some even targeting healthcare systems specifically. I am lost for words.
Read more and stay informed about the types of threats out there. The links below are good to read to understand what angles might be played.
- Cybercriminals impersonate WHO to distribute fake coronavirus e-book. (Malwarebytes)
- Battling online coronavirus scams with facts (Malwarebytes)
- Coronavirus "safety measures" email is a phishing scam (Naked Security)
- Malware posing as new coronavirus information spreads online, exploiting fears about global outbreak (Newsweek)
Lock your laptop or device at all times
If your device isn't already automatically locking when you haven't used it for N minutes, you should enable this right away.
Physical security is just as important as cybersecurity. You also should enable a PIN or other measures for signing into your device and ensure that it requires authentication to use it.
Too often, I've seen devices that don't have a PIN or other locks. You can pick it up and click the button and have full access to all their corporate data because they aren't rolling out security policies through their organization.
Stay ahead of the physical security risks by simply ensuring you have a device that locks, whether that is the laptop, the smartphone, or something else.
Ensure your Wi-Fi connection is secure
Working from home usually means working from your home network. A home network isn't inherently safe or unsafe, but it comes with risks if you haven't changed the factory settings.
First things first: connect to your own network; don't use a shared network, don't use a public access point, and don't use your neighbor's network.
A home network is usually a more accessible attack vector than a corporate/business network. Many devices can connect to your network: gaming consoles, IoT devices, smartphones, laptops, and more. If one of those devices is compromised, your system could become compromised and used for activities you wouldn't want on your network. Consumer-grade components usually don't come with the same protection as corporate equipment, and your own network's security lies in your hands, not someone else's.
There are several simple but essential things you can check to ensure you stay ahead:
- Change the name of your default home network.
- Change your router's default password.
- Upgrade your router's firmware. These updates usually contain vulnerability patches.
- Ensure you have enabled network encryption. WPA3 or WPA2 should be OK, but you should stay away from WEP, and turn off WPS entirely if you have that.
- Disable remote access. You don't want to have unnecessary endpoints open to the public.
If you want to go the extra mile, you can do things like:
- Disable DHCP. You would then have to enter your network configuration manually instead of letting the router assign new IP addresses to new devices.
- What's the difference between WPA2 and WPA3? (ElectricDesign)
Separate Wi-Fi networks for home and business use
While it can be a cumbersome exercise, for me it has been worth it. I am connecting using different networks, depending on what device I am using.
For work, I have a separate Wi-Fi network that only I can access. Nobody else in my family has access to it, nor does any other device on the net. Separating my systems enables me to configure tighter security policies for that network, and I can decide what to allow and disallow without interfering with the rest of my devices and networks.
Of course, doing this is a little more advanced than just enabling a firewall on your PC.
Back up your files
Depending on what type of device or computer you are using, it may or may not come with certain security features and backup routines by default. If you are using a personal laptop or a work device that isn't syncing files, you may want to look at taking a snapshot of your data now and then.
There are many ways you can lose your data.
- Human error
- Physical damage to the device or computer
- Targeted cyberattacks
- and more.
In the end, make sure you have backups of your sensitive and critical data, regardless of what platform or tool you are using.
Separate work and personal accounts and devices
Some organizations require you to use a dedicated "work" device. Other companies embrace "BYOD" (Bring Your Own Device), where you can use your laptop for business use cases. Some organizations have no policies at all.
Regardless of what path you and your organization walk down, there's always a tradeoff. Ideally, you'd use different devices for your personal and work activities. If that isn't possible, at least use different accounts.
The separation can help mitigate the risks of a corporate data breach by limiting the exposure your work device has in general. You can also shut the machine down when not in use.
Get your facts straight
Here are the official links to the websites about the current state, myths, and events around the Coronavirus. The links below are all from WHO and CDC. These are the main resources I use for any type of news and information about the ongoing pandemic.
World Health Organization informational links
- WHO Advice for the public: Overview
- WHO Advice for the Public: Myth Busters
- WHO Get your workplace ready for COVID-19
- WHO Situation Reports (Daily reports about the current state)
Centers for Disease Control and Prevention informational links
Summary & Links
There are many threat vectors out there. I trust facts and am an avid questioner of source information. A key to the broader success of online safety and security is to stay with the truth and rigorously question information and links coming your way.
Here are some additional resources I find worthy of my time, as I hope they will be worthy of yours.
- Battling online coronavirus scams with facts (Malwarebytes.com)
- Coronavirus used to spread malware online (Kaspersky.com)