Cybersecurity should be a paramount concern for all businesses operating virtually during the COVID-19 pandemic.
While internet- and cloud-based technologies, tools and applications have enabled the abrupt shift to work-from-home operations, they have also created more opportunities for cybercriminals to breach remote communications links and compromise business-critical data. Malware and ransomware infections have seen significant growth, and news of security vulnerabilities on popular virtual conferencing and data-sharing platforms continues to make headlines.
In this new environment, an effective cybersecurity posture should focus on three areas: communications channels, access and monitoring.
Defining communications channels
Although employees may be working with computers that are dedicated to work, there are no guarantees that these devices will be completely protected from potential intrusions while communicating with colleagues and a wider corporate network.
Pre-determining the channels that everyone should use will reduce security risks. Businesses can structure communications around proven and secure tools by setting out the protected messaging, conferencing, screen-sharing and file-sharing applications employees should use. They can also avoid the risks that are created by employees using public channels for work-related communication.
Protecting data access
With the communications channels defined, the focus can shift to protecting access to networks and data. Best practices for remote collaboration should be applied at all times:
- Online meetings should be password protected;
- Files should only be shared over secure file-sharing portals;
- Intranets should only be accessible via virtual private networks and password-protected portals; and
- Data access should be segmented based on pre-defined access profiles, permissions and rules to ensure employees only have access to the data they need to fulfill their specific role in the organization.
Monitoring and maintenance
Once remote working parameters are established, every effort should be made to ensure employees are working within the guidelines and that data is always protected. This really is everyone’s responsibility. If all employees follow the rules, the potential for security breaches will be reduced.
But it is up to network administrators to ensure they have all the tools in place to detect, identify, manage and respond to threats.
Firewalls that provide access segmentation are the first point of defence. They ensure remote devices can only access data that they are required to access and don't have the ability to go everywhere within a network.
In addition to the firewall, administrators can leverage:
- Endpoint risk detection and response tools that monitor all activities;
- Threat intelligence tools that provide insights needed to keep pace with changing threats and make fast, informed decisions;
- Vulnerability management tools that identify and prioritize vulnerabilities before they can be exploited;
- Security, orchestration and automated response (SOAR) services that simplify and accelerate security operations; and
- Security information and event management (SIEM) services that dramatically simplify network and data security monitoring while providing invaluable insights
Keeping data secure
Beyond these tools, Canadian businesses should also ensure that their data always remains within Canada as it is stored, shared and backed up. Ideally that means working with a cloud and cybersecurity provider like BriteSky that operates and maintains Canadian data centers.
With these key approaches to data security, businesses operating virtually during the COVID-19 pandemic can maintain an effective cybersecurity posture. They can reduce the potential for cybercriminals to breach remote communications links and compromise business-critical data.
Devin Somppi is the director of security at BriteSky Technologies.