Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that’s meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates [...]
In response to the coronavirus pandemic, organizations worldwide are implementing work-from-home policies. Yet for many businesses, managing an entirely remote workforce is completely new, which means they may lack the processes, policies and technologies that enable employees to work from home safely and securely. In addition, many employees may be unfamiliar or uncomfortable with the idea of working from home.
Social Engineering
One of the greatest risks remote workers will face, especially in this time of both dramatic change and an environment of urgency, is social engineering attacks. Social Engineering is a psychological attack where attackers trick or fool their victims into making a mistake, which will be made easier during a time of change and confusion. The key is training people what social engineering is, how to spot the most common indicators of a social engineering attack, and what to do when they spot one. Be sure you do not focus on just email phishing attacks, but other methods to include phone calls, texting, social media or fake news.
Strong Passwords
Weak passwords continue to be one of the primary drivers for breaches on a global scale.
Updated Systems
The third risk is ensuring any technology your workforce uses is running the latest version of the operating system, applications and mobile apps. For people using personal devices this may require enabling automatic updating.
Additional topics to consider:
• Detection / Response: Do you want people reporting if they believe there has been an incident while working at home? If so, what do you want them to report and when? This will be especially critical when you have people working remotely.
• Wi-Fi: Securing your Wi-Fi access point.
• VPNs: You should use one.
• Children / Guests: Reinforce the idea that family / guests should not access work related devices
Quick Tips
• The most effective steps you can take to secure your wireless network at home is to change the default admin password, enable WPA2 encryption and use a strong password for your wireless network. • Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.
• One of the most effective ways you can protect your computer at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.
• Ultimately, common sense is your best protection. If an email, phone call or online message seems odd, suspicious or too good to be true, it may be an attack.
• Make sure each of your accounts has a separate, unique password. Can’t remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
• Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step
We live in an at least interesting period. The Covid-19 outbreak has put another huge pressure on our already complicated economies and lives. But, we, in the cybersecurity industry, we ...
Post comments (0)