Securing Devices at Home and Work
The theme for the second week of 2020 Cybersecurity Awareness Month is “Securing Devices at Home and Work”. This theme is very appropriate for 2020, as the professional world shifted from using devices at work to using devices at home. In this post, we will recap some key themes on the topic of working remote in a secure fashion.
The steps that people should do to ensure they are working from home in a safe manner can differ from the perspective of the end-user and the company. The first two items focus more on how the end-user can work safer, while the last item looks at strong tool that administrators can implement.
End User: Ensure Your Video Conferencing is Secure
Earlier in the year, as millions of people started conducting their meetings and events online, mischief-makers took notice. Certain elements of the popular Zoom platform made meetings vulnerable to being crashed by uninvited people. The company took efforts to improve security since. Best practices for having secure meetings include:
- Do not post the event information in a public place online.
- Require a password to join the session.
- Employ a waiting room to screen people before they join.
Read our post about Zoom Bombing and VTC Hijacking for more information.
End User: Beware of Phishing
Whether you are at home or in the office, phishing emails can trick you. Like most things in 2020, the COVID-19 pandemic has had an impact. Emails claiming to be from the World Health Organization (WHO) or other agencies tried to entice users to give up sensitive information.
The steps to avoiding being phished are well-known. They include:
- Never open an attachment or click a link unless you are expecting it and can confirm the sender.
- If the sender is asking for something urgent and it involves money, confirm the request through another communication channel.
- Pay attention to grammar and tone, in case there are changes. This can give a hint that something wrong is afoot.
Phishing relates to business email compromise, which we covered extensively in our post last week. We also looked at the specifics of how criminals use COVID-19 to phish.
Admins: Protect Endpoints with EDR
Companies should consider deploying endpoint protection software on devices. These pieces of software monitor the activity of the device they are installed upon. The data and information from the devices can be correlated and analyzed using the EDR software or with a SIEM. The features and benefits of using popular endpoints agents include:
- The agent blocks known malware using the unique signature that they contain.
- Even if there is not a signature for the malware developed, the agent can look at the data surrounding device usage and flag suspicious activity. Machine learning helps with this.
- Logs are generated and stored for usage in research and forensics.
- The tool integrates with the latest intelligence to keep companies informed.
Managing the endpoints can be a challenge for many companies without the internal resources. Monitoring the alerts and responding appropriately can be accomplished by working with a Managed Security Service Provider (MSSP) like Cipher. Cipher and FireEye hosted a webinar on how to secure remote workers’ endpoints earlier this year.