A Cybersecurity Checklist for the Coronavirus Outbreak Period

Posted by Geraldine Hunt on Thu, Mar 19th, 2020

In the same way that health officials are consistently reminding us to maintain good hand hygiene during this critical time, your internal IT personnel must constantly communicate the importance of cyber hygiene to protect users, devices, and the enterprise at large.  Here at TitanHQ, we have created a list of basic cybersecurity steps that should be practiced regularly and communicated to employees.

Remote Work Network Security Guidelines

As so many employees are being asked or required to work from home, many for the very first time, it is important to provide guidance in order to acquaint them with their new reality.

• Reinforce to your employees the importance of safeguarding certain types of company information such as customer and employee information, trade secrets, protected intellectual property, etc.  A data loss prevention filter (DLP) is a great tool that can be used to scan messages for content matching credit card numbers and social security numbers.  Our SpamTitan email security solution includes DLP filtering to help you.
• Do not allow sharing of work computers and other devices.  Family members should be prohibited from accessing any work computing device.
• Prohibit employees from downloading or saving company information to personal computing or storage devices as well as personal cloud storage services.  You can create policies through Group Policy or MDM solutions to enforce this.
• Remind employees to log out of their computers whenever they are not in use while at home.  This may seem obvious at work, but users may feel more relaxed when outside of the office for an elongated period.  This is especially important when working in public places.

The Cybersecurity Trilogy

The trilogy of cybersecurity is simple: encryption, protection and patching.  This trilogy is even more important with so many employees working remotely.

• All enterprise mobile computing devices should have encryption enabled on them.  This is easily done for business and educational versions of Windows 10 by enabling BitLocker.  You can create policies to enforce BitLocker through Group Policy or an MDM solution.  Make sure that all web and FTP applications used to transmit data are encrypted. 
• You may have to modify the settings in your endpoint protection, security software and Windows Update utility to ensure that all computers continue to update everyday while off site in order to stay patched and secure.
• Enable local firewalls for all devices that will operate offsite.  The Windows Defender Firewall can be enabled and configured through Group Policy or your MDM solution.
• Instruct employees to notify the proper personnel in the event that their enterprise device is lost or stolen.  Immediately document the event in case regulators become involved and employ any remote wipe or reset capabilities you have.

Email and Web Filtering

Email and web filtering solutions are essential in order to protect your devices that will be now be operating outside of the secured perimeter.  Most enterprise VPN solutions have a gateway setting that forces all local internet traffic through the VPN.  This should be enabled for companies that do not have off premise web filtering capability in order to ensure that all web packets are filtered before being passed through.

Due to its isolating nature, remote work relies heavily on digital communications and collaboration tools such as Slack, Microsoft Teams and Facebook.  Organizations block some of these sites normally so make sure that they are opened temporarily for the course of these events.

• Restrict the number of people authorized to conduct new overseas wire transfers and new payment requests.  Create a policy that requires employees confirm these types of requests to verify their authenticity as face-to-face interaction is not available.
• Provide daily security reminders through email or video conferencing such as demonstrations showing show how to inspect links before clicking them by verifying their actual URL destination.
• Enable policies that disable macros for all Office suite products except for those specific users that require them.
• Train users to be vigilant and skeptical concerning any email that relates to the coronavirus.  Phishing emails concerning coronavirus cures, covid-19 tax refunds, donation requests and coronavirus updates are being released on a daily basis.

VPN and RDP

• Configure VPN clients to connect automatically when the computer is turned on.  Do not depend on users to manually connect.  VPN clients should not be installed on any machine that is not properly patched or protected.
• Do not allow RDP connections from the outside.  These types of connections are easily probed by hackers who will then launch credential stuffing attacks.  Only allow RDP connections from within the network.  This means that anyone working offsite must first connect to the corporate network through a VPN connection.
• Make sure that you create a separate VPN zone within your firewall and create security policies that protects incoming and outgoing traffic.
• Enable MFA for your VPN connections to confirm identity.

Long Term

As the pandemic forces many employees to work from home, your organization can stay productive and safe. Remote workers need to have clear communication from IT on support and security issues. In the rush to provide remote access, don’t sacrifice cybersecurity. Stay safe and healthy.