It is critical that security officials take measures to ensure cybersecurity in the current scenario. Malicious actors are launching attacks against organizations of all sizes and their employees who are operating remotely in the wake of COVID-19. Risk levels are spiking at frightening levels for businesses as the expanded perimeter is becoming more and more difficult to control.
Security teams should not be demotivated, out of fear, from protecting what they can manage. Data breaches happen over a relatively long period of time, with several measures taken to exfiltrate sensitive data. It is necessary to implement strict cyber hygiene measures across the organization in order to prevent potential attacks on their tracks.
Here are some practical guidelines for cyber hygiene enhancement and corporate data safety:
1. Prioritize patching critical assets
In most organizations, all properties should be handled with high priority when an immediate and/or high-gravity vulnerability has to be addressed. As new vulnerabilities emerge with the transition to work from home, it is important to fix business-critical vulnerabilities first.
2. Get granular visibility into your new, extended perimeter
A breach usually starts with one or a couple of compromised devices on the extended perimeter. Due to an employee’s weak password, phishing, or other unpatched flaws, this could happen. Your extended perimeter is more fragile than ever before with the rise of remote work.
3. Maintain a real-time inventory of all resources
It is very difficult to maintain an up-to-date business inventory system. As you cannot correct what you can’t measure, inaccurate inventory makes it difficult to manage compliance and cyber risk.
4. Make VPN available to all members
Companies with significant remote staff typically make available for their employees a robust VPN solution. But mobilizing to a VPN can be a nightmare at first for companies that are not used to staff working from home.
First of all, prioritize access to senior employees and privileged users because if their assets are compromised, it will have a much greater effect on the company. For visibility, make sure you have access to all VPN connections.
5. Implement Multi-Factor Authentication
Enterprises need to be able to distinguish between users who are trying to connect to a business resource or application in a comprehensive way. It is possible to create a functional, strong user identity using an Identity and Access Management (IAM) solution. Where possible, this will give you robust Multi-Factor Authentication and policy control and allow good password hygiene across managed and unmanaged apps.
6. Ensure endpoint security controls
Get ahead of the workforce, becoming victims of scams by implementing strict endpoint security policies for all workers. For each department or division, the endpoint protection that you deploy would focus on the business criticality of the assets of that team. If you have already introduced sufficient endpoint security, make sure the endpoint visibility is validated and stays consistent with remote users.
7. Audit users with admin privileges on business-critical applications
The more users you have on company applications with admin rights, the greater the risk of leveraging those assets. It could be the secret to a major breach when admin credentials on a sensitive asset are compromised. Define business-critical apps to address this, and audit the number of users with admin rights.
8. Develop sound system and application identity capabilities
Using client-side certificates, a strong system identity can be generated, and a strong application identity can be formed by using server-side certificates. It is important to renew expiring certificates and educate users who have the habit of clicking past certificate updates.