Current cyber-environment calls for proactive approach
Current cyber-environment calls for proactive approach
IT Data Solutions
The conventional wisdom on cyber-security is to play defense and respond quickly to breaches. But can your organization be proactive?
Perhaps it is extreme to pay “white hat” hackers to probe vulnerabilities in your organization’s computer network. Or to pay for a monthly report that tells you whether any of your employees’ passwords or personal information is being bought and sold on the “dark Web.” Or to ask “hard questions” of each and every one of your third-party suppliers.
But these are not normal times. Implementing proper “cyber-hygiene” in the era of coronavirus is important as companies tighten up their cyber-security protocols for their remote workforce, according to the Cyber Threat Alliance (CTA), a group that facilitates information sharing among cyber-security professionals.
Some tips include not reusing passwords and making them complex; using multi-factor identification wherever possible; installing reputable anti-virus software with real-time protection; and keeping all operating system software up-to-date, the CTA suggests.
ABD Insurance & Financial Services (ABD), a California insurance broker, moved its entire workforce onto a virtual desktop system a few years ago. A virtual desktop is much more difficult for hackers to access, said Brent Rineck, ABD’s chief information officer.
Once employees are logged into the company’s virtual desktop, nothing they input on their remote access point is saved on the remote device.
“Once you’re in (the virtual desktop), it’s as if you’re in the office,” he said.
ABD also has all employees sign a remote worker agreement, which requires workers to acknowledge the company’s cyber-security protocols and to check in with superiors or colleagues several times a day. Employees also pledge that someone else is not doing their work.
Rineck says it’s one more way for a company to reinforce work-from-home standards.
The best way for companies to protect themselves from cyber-attacks is to properly train their employees, said Keith Wojcieszek, a managing director in Kroll’s Cyber Risk practice and a former head of the Cyber Intelligence Section within the United States Secret Service Criminal Investigation Division.
