For many organisations, the sudden move from an on-premises to a remote workforce has created unexpected information security risks.
“For those enterprises that had not yet implemented a remote work strategy, the sudden lockdown left little time for them to roll out remote working security solutions.
Also read: Lockdown a ‘perfect tsunami’ for cyber criminals as more employees work remotely
“It was a matter of keeping business going as best they could, despite the risks,” said Martin Potgieter, co-founder and technical director at Nclose.
With the likelihood growing that some form of lockdown may be extended for months, organisations now need to take action to tighten up information security as best they can, maximising the tools they already have available.
“Many recommendations that have been made recently on securing the remote workforce are difficult to implement during a lockdown.
“For example, creating a zero trust network, while good security practice, could take months or even a year to implement.
“Now is also not the time to roll out something new; you cannot install new hardware or send people in to carry out on-premises testing during the lockdown,” he said.
Also read: Covid-19: South African websites helping to spread the message – Stay at Home
There are practical steps businesses can take to improve information security right now:
Enable two-factor authentications:
This should be done on all internet exposed authentication portals.
For companies not already using two factor authentications, implementation could be challenging during a lockdown, however.
Another option is geo-fencing that restricts access to certain portals to users within certain regions – within South Africa only, for example.
Maintain visibility:
For organisations that have not deployed cloud-based EDR or cloud-based endpoint security, visibility may be limited once the workstations have left the corporate environment.
Consider modifying endpoint security technologies to allow for more efficient visibility of the endpoint.
One option is to move to the cloud the existing AV management centre.
- Maximise endpoint security features:
- Endpoint firewalls
- Endpoint encryption – encryption of the hard drive on laptops or workstations.
- URL filtering – filtering of websites and web-based traffic, which Nclose said is one of the more important features to enable right now.
- HIPS (Host Intrusion Prevention System) – Similar to the traditional IPS but running on the endpoint. HIPS looks at the application layer and operating system.
- NIPS (Network Intrusion Prevention) – Similar to HIPS but specifically looks at the network layer.
Also read: Covid-19: Apps to get you through the lockdown anxiety
Raise employee awareness:
Phishing is as prevalent as it was before, but it may present a greater risk now that you have less control and visibility over the environment.
Continue – or start – phishing awareness training.
Whether this is done through standard information sharing or susceptibility testing, it is important to maintain employee awareness of cyber security risks.
In most circumstances this can be done remotely.
“These basic tools can significantly improve security when there has been little time to prepare to move the entire workforce out of the secure enterprise network environment,” said Potgieter.
Dear reader,
As your local news provider, we have the duty of keeping you factually informed on Covid-19 developments. As you may have noticed, mis- and disinformation (also known as “fake news”) is circulating online. Caxton Local Media is determined to filter through the masses of information doing the rounds and to separate truth from untruth in order to keep you adequately informed. Local newsrooms follow a strict pre-publication fact-checking protocol. A national task team has been established to assist in bringing you credible news reports on Covid-19.
Readers with any comments or queries may contact National Group Editor Irma Green (irma@caxton.co.za) or Legal Adviser Helene Eloff (helene@caxton.co.za)
