Five tips for controlling insider threats during the work-from-home era | SC Media

September 15, 2020
The Twitter hack in July focused on exploiting insiders. Today’s columnist, John Ayers of Nuspire, offers five tips for controlling insider threats as more people work from home. (Photo Illustration by Rafael Henrique/SOPA Images/LightRocket via Getty Images)
  1. Require cybersecurity awareness training. Make sure employees have basic cybersecurity knowledge. Employees are the first line of defense for any organization. We always encourage organizations to train staff frequently on their role in defending the enterprise, what threats to look for and what behaviors to avoid. With the dramatic change in how we work, companies should increase training frequency so cybersecurity remains top of mind. Employees should know how to spot phishing emails, avoid use of public Wi-Fi networks, ensure home Wi-Fi routers are sufficiently secured and verify the security of the devices they use to get work done.
  2. Avoid public Wi-Fi. A lot of people like to work in public outdoor spaces near coffee shops and use public Wi-Fi, especially now that places are reopening. If employees want to work in public places, require them to use VPNs so IT can monitor for any malicious activity. Public hotspots are breeding grounds for hackers looking to exploit openings into corporate networks.  
  3. Double-down on endpoint protection. Although a firewall can help, most employees rely on a DSL or cable modem at home. It’s inevitable that an attacker will get through. Efficient endpoint protection platforms (EPPs) act as the next line of defense by detecting and blocking known threats. EPPs also let security teams keep up with all the applications that are running on the network. Furthermore, if the company has an MSSP, using endpoint protection software lets the MSSP actively respond to potential malware and ransomware issues.
  4. Stay up-to-date on patch management. We see massive breaches time and time again in which attackers gain a foothold by exploiting an old vulnerability. That’s what happened in the Equifax breach. Avoid this by keeping all software and hardware up-to-date. Security teams also need to install and enable security protection on all work devices. This includes personal devices used to access collaboration tools, email and any other business applications. In many cases, software updates can run automatically during downtime. This gives CISOs peace of mind since they don’t have to worry about potential risks occurring because software updates were not done.
  5. Proactively manage remote desktop tools. The pandemic has forced many organizations into a remote work environment and some companies have opted to loosen security controls to support this new model. With this shift, new remote desktop protocol (RDP) tools have been deployed that create vulnerabilities that attackers can exploit. Companies that want to use remote desktop tools should check out this list of top providers. Once the organization implements a tool, it should actively monitor these RDP tools for suspicious behavior.