Teleworking, Cybersecurity and COVID-19: A Practical Guide to Maintaining Healthy Digital Hygiene
Best practices
A few quick and easy measures that can undoubtedly help reduce your exposure to cyberthreats in a remote work environment. We relied heavily on the expertise and the resources of the following organizations to write this (inherently incomplete) list: Canadian Centre for Cyber Security, Terranova Security, Zerospam, Devolution, Streamscan, In Fidem, KPMG-Egyde, Secure Exchanges, Vumetric.
1
Partition your tools
Don’t let family members have access to the tools (computers, dedicated networks or accounts) used for your work.
2
Secure your data
Store work-related data in approved cloud or local storage.
3
Protect your drives
Implement full encryption of your hard drives.
4
Protect yourself from malware
Use anti-malware software that provide real-time protection and at least one weekly scan of all your disks. Ideally, your antivirus software automatically scans everything on your computer and anything that comes in.
5
Beware of indiscretions
Use a password-protected screensaver that activates after a short period of inactivity.
6
Do your updates
Make sure that patch updates are installed regularly on your operating system and your various applications.
7
Secure your wi-fi
Protect your wireless router with strong passphrases, WPA2 encryption (not unsecured WEP encryption) and MAC addressing. And use a firewall!
8
Watch out for unencrypted media
Never use unencrypted USB flash drives or portable hard drives to store important operational data.
9
Support strong authentication
Use effective and strong usernames and passwords, and implement a two-factor authentication system or a public key infrastructure (PKI) authentication. Do not use the same passwords for home and work. Promote the use of a robust password manager.
10
Do not leave doors open
Turn off Wi-Fi and Bluetooth networking services when you are not using them.
11
Stay alert!
In our personal environment at home we often have the habit of letting our guard down. Stay alert and cautious of unsolicited e-mails, text messages, chats and attached files. When in doubt – don’t click!
12
Speak out!
Immediately report suspected, suspicious and actual security incidents to the cybersecurity authorities within your organization.
Teleworking, cybersecurity and COVID-19
The digital transformation of our society has broadened access to high-performance remote work tools: computers are powerful, networks are fast and reliable, videoconferencing software is stronger than ever, and cloud management and storage tools provide remote access to all operational data of a given organization.
In short, there are no longer any real technological barriers to the widespread practice of remote working.
However, this very notion of remote work creates a bewildering dynamic from a purely “cybersecurity” point of view: IT management ends up having to provide protection to a multitude of small independent work units, managed autonomously and often straddling the line between what belongs to the organization and what is part of the worker’s private life.
Add to this a fair amount of improvisation caused by the rush to deploy remote working on large scale, due to the COVID-19 pandemic we are currently seeing, and you have all the ingredients for a cybersecurity disaster…
It is to support Quebec organizations, that now have to turn massively towards remote working, and to help them adopt best practices and reduce their exposure that In-Sec-M created this microsite in collaboration with its members.
We gladly benefit from the help of our partner, Cilex, for the English version of this microsite. We invite you to visit Cilex’s website at the following address: www.cilex.ca
We invite you to read the 10 IT Security Actions to Protect Internet Connected Networks and Information from the Canadian Center for Cybersecurity.
Our experts are talking about it
Terranova
Working From Home Cyber Safely Kit and Protect Yourself from COVID-19 Cyber Scams Kit
Mirai
Managing the Risk of Emergency Teleworking
StreamScan
How to defend your organization against hackers during this pandemic period
Secure Exchanges
Points to watch and measures made available
ZeroSpam
Some points on cybersecurity in telework
KPMG Cybersecurity
Sae Teleworking within COVID-19
Flare Systems
How to protect against the changing fraud landscape
Infosecsw
Wireless Network Security
Devicom
Good Teleworking Practices
Carillon and In-Sec-M
Webinar: Cybersecurity and Telework for Aerospace Businesses
Hitachi Security Systems
Beware: Cyberattacks Targeting Victims Worldwide and Capitalizing on COVID-19 Panic
InFidem
COVID-19 and Telework: Security Measures to Ensure Business Continuity and Protect Your Organization from Cyberattacks
DEVOLUTIONS
10 Tips to Stay Safe from Cyber Threats While Working from Home
Vumetric
9 Cybersecurity Best Practices for COVID-19 Remote Workers
TERRANOVA