As the novel coronavirus known as COVID-19 continues to spread around the globe and throughout the U.S., companies everywhere are hurrying to take or follow containment protocols. Chief among them is the effort to stop people from gathering together, which includes steps to immediately cancel conferences and events, and to push more workers to work from home. And while those efforts are important in containing the highly contagious disease, they also open the doors to a sharp rise in cyberattacks.

Sungard AS’ Asher de Metz

We asked Asher de Metz, security consulting senior manager at Sungard Availability Services, to explain this correlation between disease containment and risk spread so that MSSPs will know what to look for, advise on – and possibly lock down – to protect their clients from a new cyberattack outbreak.

Channel Futures: What are the increased security risks when people start working from home?

Asher de Metz: The main security risks occur when technology is removed from a place that it can be controlled. Taking laptops home opens up risks of physical theft, so companies need to ensure that laptops are encrypted. It also means that remote access needs to be opened up, but this access should be controlled with limited rights, and multifactor authentication should also be utilized.

The most common mistake employees make during this transition is a lack of preparedness. As such, network access is opened up quickly without thought to security, leaving the company open and vulnerable to attack.

CF: Are some technologies riskier than others for remote workers?

ADM: Yes, remote workers are most at risk when using solutions that aren’t owned and centrally controlled by the company. One example of this may be when employees do not have a laptop assigned to them and they have to use their own personal computer to login to a VPN for work.

The personal computer may not have the right security in place with up-to-date security patches, AV or may already be infected, which can open up the company to a breach since it’s connected to the main network via VPN.

To mitigate this, organizations should provide company laptops to employees. Additionally, the VPN needs to be setup to ensure that connections can only be made from systems with a baseline security level. The system should then be placed into a space that is segmented, controlled and monitored so that it only has the minimum amount of access necessary to complete the employee’s job.

CF: Are there any best practices to manage a situation like the coronavirus?

ADM: From a cybersecurity perspective for remote workers, organizations must ensure that business continuity plans that include cybersecurity rules are in place. It is important that the plans limit access, and that all employees are trained to know how to act and use the technology in case of an emergency.

CF: What are the threats of someone tapping into a video conference launched or participated in by home workers?

ADM: All video conferencing should be encrypted, setup with MFA and be controlled from a central IT source. This will reduce the threat of it being hacked and eavesdropping on calls, which is critical if proprietary information is being shared on conference lines.