Taking Care of Cyber Hygiene as an IT Specialist
Taking Care of Cyber Hygiene as an IT Specialist
As remote work has become the new norm due to the coronavirus pandemic, everybody needs to practice proper cyber hygiene - IT specialists included.
Join the DZone community and get the full member experience.Join For Free
Cybercriminals have been exceptionally busy during this COVID-19 crisis, and the number of cyber incidents has increased dramatically. The World Health Organization (WHO) alone has reported a five-fold increase in attacks against their staff, with about 450 actives WHO email addresses leaked online. IT specialists are working hard to provide technical support and cyber hygiene advice to fellow employees working from home, but they shouldn't forget to follow their safety advice.
After all, being an IT professional doesn't guarantee immunity from a determined cyberattack, not by a long shot. There is always going to be a hacker that is better prepared, equipped, and experienced to circumvent your defenses. If you work in IT, you're also going to need protection from identity theft, phishing, account takeover, DDoS attacks, and other nasty things. Here are a few practical tips on practicing proper IT-level cyber hygiene while managing other users remotely.
Keep Track of All Company Assets on the Network in Real-Time
Maintain an up-to-date inventory of all company assets that's on the network, including software and hardware. This first step can be challenging because these assets are always going to be in flux. There will always be new devices to be added, retiring machines, virtual machine migration, and employees installing or updating unapproved or illegal software. Accurate asset tracking can help you manage cyber hygiene compliance and mitigate the risks of a cyber attack.
Conduct a Password Audit
The use of weak, default, and re-used passwords are rampant in almost all businesses. What's worse are instances where employees write their passwords on a piece of paper and leave it out in the open. Even strict password policies can't address the issue of password reuse, especially on private accounts and other platforms IT teams have no control over. Educate everyone on using strong password strings and to never use the same password twice.
VPN Access for Everyone
Ensure that everyone working remotely has a robust and tested VPN installed on their system because they will be accessing the corporate network and confidential resources. Mobilizing to VPN can be a challenge, especially when educating employees on how to use one if they haven't before. Give senior partners, management, and top-level employees priority because they are high-value targets for spear phishing. If their email or data gets compromised, the impact on the company will be more significant. After VPN deployment, ensure that you can check if everyone is using it to secure their connections.
Patch All Critical Assets
Prioritize the patching of critical business assets first before addressing the rest of the remote organization. Since everyone is working from home, the highest targets will be directors, managers, and officers, so patch their systems for vulnerabilities before patching the computer of the staff from sales.
Enforce Multi-factor Authentication
It's crucial to be able to identify users trying to access the corporate network and sensitive files. Establish a strong user identity by using an Identity and Access Management (IAM) tool and a password manager for better authentication and security.
Check for Vulnerabilities in Your Extended Perimeter
Your extended perimeter includes default passwords still in use, port exposure, broken certificates, and security configuration problems. An attack or breach generally starts when vulnerable systems on the extended perimeter get compromised due to a weak password, unpatched software, or an employee targeted for phishing. Some cybercriminals have even used zero-day exploits to establish the initial breach. Make sure to check your extended perimeter at all times.
Enforce and Validate Endpoint Security for All Remote Workers
Ensure endpoint Security among all remote staff because of the sheer number of phishing scams and malicious websites popping up due to the COVID-19 pandemic. Help other remote workers by rolling out robust controls for endpoint security so they can avoid becoming a victim of these scams. Make sure to verify that endpoint protection remains consistent among remote staff. Departments with more critical assets should be given more extensive endpoint security controls.
Beef Up Device Identity and Application Identity Capabilities
Using client-side certificates can help establish device identity, while server-side certificates can assist with establishing application identity. Make sure to have robust mechanisms in place that will automatically refresh expiring certificates, identify users who click past warnings, and educate them on why this is important.
Proper cyber hygiene starts with educating everyone on what this practice is and validating compliance among all employees. This means practicing what you preach - from using a VPN to making sure all accounts have multi-factor authentication enabled by default. With all the cyber threats happening during this pandemic, employees will rely on IT specialists even more and need to bring your A-game at all times.
Opinions expressed by DZone contributors are their own.