Cybercriminals will seek to gain from the COVID-19 (coronavirus) pandemic.
As such, businesses should be aware of this increased risk and take precautions to secure their operations and communicate proper security hygiene to their workforce.
Here are the five things your business should be doing right now to protect your critical business data, infrastructure and applications:
- Criminals will try to exploit the crisis with pandemic related phishing emails and by setting up fake charitable donation campaigns. Extra effort should be taken to monitor and protect against phishing emails and malicious websites containing malware and other threats. Monitor intelligence sources, such as US-Cert, for awareness of the threats related to the crisis. https://www.us-cert.gov/ncas/current-activity/2020/03/06/defending-against-covid-19-cyber-scams
- With the growing remote workforce, it is vital to use secure methods for remote access such as virtual private networking (VPN), a secure virtual desktop (VDI) solution and/or multi-factor authentication (MFA).
- Communicate the increased threat level to end users, informing them of the risks and measures they can use to mitigate them. Guide them to only use trusted resources, such as (https://www.cdc.gov/coronavirus/2019-ncov/index.html) for information concerning COVID-19.
- Update incident response procedures to take into consideration the growing remote and distributed workforce.
- Review policies and put protective measures in place for Bring Your Own Device (BYOD) and ensure the end users understand and follows these policies. The following has useful information for BYOD. https://www.cisecurity.org/white-papers/cis-controls-mobile-companion-guide-2/
The team at Entisys360 is here to help you mitigate the business impact of COVID-19. Contact us today.