Securing enterprise data stores is a complex task. Hackers continually search for new ways to steal sensitive information. If they target your systems, you will need every tool at your disposal to prevent their unwarranted intrusions.
Security threat vectors and the tools, technologies and products we use to protect against them have two things in common: They are wide-ranging and vast in number.
These are the unique circumstances that working from home presents and the measures organizations can take to maintain good data governance and protect sensitive data stores from unwarranted access.
Hackers increasing their efforts
From COVID-19-related emails carrying malware payloads to data breach attempts and Zoombombing, data security analyst firms are tracking a rapid increase in attacks. A recent intelligence threat report from Cisco Talos highlighted how hackers are using COVID-19 to their advantage.
The increase in hacker activity and the increase in people working from home have led to many COVID-19 data security challenges. The best way to combat these challenges is to increase employee awareness to security issues.
Employee security awareness programs
One of the biggest scares for employee security is email-based attacks. The email threat landscape is as wide as an organization's employee head count.
Security awareness programs help educate employees on various types of threats and outline recommendations to improve their security posture. Security teams need to increase the frequency of email security training and awareness broadcasts that provide threat prevention best practices.
One tactic to reinforce email security awareness is to perform phishing and whaling tests. The security team creates a mock email with a forged sender address and a commonly used subject line. The fake sender address can be a fellow employee, manager or trusted vendor. The email is distributed to personnel to determine who successfully identifies the threat and who doesn't.
Rapid increase in remote workers
Other COVID-19 data security challenges come from the amount of people working from home on less secure networks.
As millions of workers who traditionally performed their duties on-site are migrating to remote work, IT organizations responsible for helping them quickly become productive are struggling to keep up.
Here are a few examples of how COVID-19 has dramatically increased the threat vector surface area:
- inadequately secured home computers accessing corporate networks;
- remote user home networks that contain unsecured devices, including gaming consoles, smart home components and baby monitors;
- remote workers using unsecured tools and utilities to help them work more efficiently;
- the sheer volume of new users overloading security and remote connectivity hardware and software components;
- system administrators and security team members responsible for protecting the organization's data stores facing unprecedented workload increases; and
- IT departments focusing most of their attention helping remote workers maintain productivity, resulting in security procedure shortcuts and lapses in adherence to data governance standards and best practices.
Here are a couple resources to further your security education and help you better deal with COVID-19-specific threat vectors:
- National Cyber Security Alliance (NCSA). NCSA's board members are the who's who of data security. The resource library page contains dozens of links to helpful articles from leading public and private organizations, including the Federal Trade Commission, NIST, Microsoft, Trend Micro and Proofpoint.
- Mandiant Consulting webinar. Mandiant Consulting is a cybersecurity and threat intelligence consulting firm owned by FireEye. For a detailed technical discussion on remote work vulnerabilities and threat prevention countermeasures, check out the company's webinar on planning around a remote workforce.
- Thycotic's Cybersecurity for Dummies. Thycotic's 24-page booklet explains how employees can improve their overall security posture. Thycotic is an industry-leading security software provider with its Secret Server Privileged Access Management product.
The top recommendation is to scour the web for free vendor offerings and assistance. Begin by searching your current vendor websites. You may be surprised at how data security and remote connectivity industry verticals are stepping up to help organizations. Their offerings range from temporary licensing increases to extended trials of additional products.
Data governance and security best practices
Regardless of the time constraints imposed by unprecedented work volumes, organizations need to continue to adhere to existing data governance and security best practices. Organizations can continue to use the traditional data security and data governance workflow mechanisms to combat COVID-19 data security challenges. These continued measures include meetings, ticketing system change requests, email threads and phone discussions.
Teleconferencing enables organizations to continue data security and data governance group discussions that were once held on-site. Although their workloads may be higher, data security and data governance teams are able to use their existing workflows to maintain operational efficiency and implement additional products and procedures to deal with COVID-19's impact.