COVID-19 and telework : Security measures to ensure business continuity and protect your organization from cyberattacks

COVID-19 et télétravail : comment protéger votre organisation et vos données des risques de cyberattaques ?

Last week, Premier François Legault called on organizations to be supportive of the government’s directives to address the risk of a COVID-19 pandemic.

Face with this health crisis which will slow down the economy, organizations must undertake measures to facilitate teleworking for their employees and partners and ensure business continuity in order to limit the impacts on their own business and the economy.

However, the generalization of telework could increase the risks for your company in the event of a cyberattack. In this context, what measures can you take to protect your business and your data? If you have not already done so, we recommend that you consider the following seven guidelines to improve the security level of your business operations.

1. Protect your portable equipment

We strongly recommend that access equipment such as laptops, tablets and cellphones be managed and configured by your IT team or your service provider in charge of your IT systems and equipment.

A disk encryption solution must be implemented: both hard disks and removable disks (USB).

Next, make sure your employees are equipped with a robust solution for advanced malware and phishing attack detection.

And finally, employees shall not be able to change the devices’ configuration, including disabling or uninstalling software connection such as the local firewall or the VPN.

2. Configure your collaborative cloud computing tools properly

Collaboration tools such as O365, GSuite, Slack, etc., make it easier to work remotely while communicating efficiently. However, these platforms are often deployed without taking the time to configure them securely.  Cloud data centers are indeed physically secure. However, it is generally your responsibility to apply proper software security configurations.

There are several parameters to consider in order to properly control the collaboration tools. We advise you to go through the security guides of the different platforms to make sure that the right settings are defined, such as the one from CISecurity.org, or call on our experts.

3. Use a VPN

The VPN (Virtual Private Network) allows remote access to the corporate network, while encrypting data and masking the IP address. Thanks to the VPN, you guarantee the confidentiality of the files exchanged and the non-tracking of users.  In order to ensure the maximum security of your VPN, you should compartmentalize your network according to user profiles.

Whether they are at home, in a hotel or in another public place, your users should always use a VPN to avoid eavesdropping on a WiFi network.

4. Adopt two-factor authentication

Two-factor authentication is used to validate a user who is trying to access the system or an account. How does it work? After entering their access ID and password, the users receive a validation code which they must enter to confirm their identity and thus have access to the system or account. Although this operation can be perceived as an annoyance, it allows to add an additional layer of security.

5. Manage passwords

With or without the adoption of two-factor authentication, the passwords used by your employees and system administrators to access and manage your applications can also be a threat.

Although it is strongly recommended that you never use the same password for multiple applications, nor write them down anywhere, we recommend using a password management application. Only one master password to remember and you’re done! All passwords are then managed securely.

Please refer to the Canadian Government’s Best Practices for Creating Passphrases and Passwords.

6. Log and Monitor

Provide remote access and be agile, but do not forget to log and monitor your systems for abnormal behavior. Especially if you use cloud computing services.

Be aware that solutions such as Office 365 do not log activities by default?  Do you know that you can take advantage of centralized logging and an analysis and detection capabilities with artificial intelligence (a SIEM)?

A SIEM cloud solution allows you to collect, detect, analyze and investigate anomalies before it is too late. See how Microsoft, for example, can equip you with a state-of-the-art cloud computing platform.

7. Set up an incident response and crisis management plan

Following government guidelines to combat the spread of the coronavirus, organizations need to act quickly and efficiently and refer to (or implement) their business continuity plan to manage this type of situation.

Constant and frequent communication with employees and external entities is crucial to let them know of the next steps you are taking to follow the government’s recommendations. There exist incident and crisis management applications built to ease the communication flow.

This is what our Cobalt Incident Response Platform delivers. Using Cobalt, you can easily edit, share and store critical documents such as continuity plans, security protocols and policies, user guidelines, data usage guidelines, etc.

Our application also allows you to quickly and easily inform all stakeholders in case of crisis management. How can you do this? By creating and sending mass notifications and tracking them. It is also possible to program messages and choose the broadcasting channel: email, text or voice message, alerts.

If you are interested in this solution, do not hesitate to contact us. Our experts will identify your needs and will be able to:

  • propose you with an adapted offer so that you can ensure the continuation of your activities safely;
  • train you on our Cybersecurity Incident Management and Crisis Management tool;
  • help you document your business continuity plans and playbooks.

Planning the measures to be implemented, activities and associated communications are all elements that will enable your company to face crisis situations while preventing cybersecurity incidents.

Even if your concerns are currently elsewhere with COVID-19, keep in mind the security of your organization and your data. Cyberthreat authors are likely to take advantage of this situation to carry out attacks (phishing). And are you prepared to deal with any type of cybersecurity incident? Let’s discuss it together.

Find more tips on safe teleworking on IN-SEC-M website.