By: Mr. Sonit Jain, CEO of GajShield Infotech.
The world now knows the advantages that digitization brings. But the pandemic has demonstrated to us not only the advantages of digitization but also the vulnerabilities that it brings. As the number of personal and public devices used in remote working increases, it also increases the surface of potential vulnerabilities that can be exploited by cybercriminals.
Tips to revamp your cybersecurity for the post-pandemic era
A few changes in your cybersecurity strategy can help you prevent any possible cybersecurity possibilities post-COVID.
1. Monitor remote, work from home users
It is inevitable that most of the organizations will not work full strength post COVID. To allow seamless workflow, enterprise applications will be deployed on the cloud. Some members of your remote workforce might access enterprise data through public WiFi networks. Cyber attackers can use this opportunity to tap into your organization’s network. Hence, monitoring cloud access requests will become an inseparable part of any cybersecurity strategy. You can leverage an enterprise cloud solution for monitoring all requests for accessing data on the cloud. An enterprise cloud solution will route all public WiFi requests to your head office firewall. This will ensure that all the requests are monitored from a single system and abide by all the policies that you have created.
2. Strengthen BYOD Security
Bring Your Own Device (BYOD) culture was already popular in many organizations, and the pandemic has now generated a shift by spreading this culture in organizations globally. Employers are asking employees to bring their own devices to minimize the need to work on and come in physical contact with common office devices. The increase in personal devices often increases the surface area of potential vulnerabilities. For instance, a smartphone device can have malicious applications installed that can compromise critical business data. An attacker can promote a malicious application that can help employees to complete their tasks much quicker and initiate a trojan horse attack.
You should, therefore, increase BYOD security post-COVID to prevent any possible data exploitation from personal devices. You can install a contextual data leak prevention solution to create different BYOD policies and limit access based on the context. You can also use application filtering to block the usage of risky applications on personal devices that can lead to data exploitation.
3. Add context to data and data transactions
Email is the most effective and widely used mode of business communication, and attackers usually target it for phishing attacks. Phishing attacks have doubled globally and, in some geographies, have reached 600% of previous levels. Bringing context to data can help reduce these numbers.
4. Develop new security policies
Due to the new remote working norm, monitoring the remote workforce will become vital. Hence, you might need to move to new operating models for seamless collaboration and high productivity. You should, therefore, also build new security policies according to the new models and other post-COVID needs.
One example of post-COVID needs can be increasing email security policies. Cybercriminals can disguise as higher authorities and send COVID related safety awareness emails with malicious links to employees. You can prevent these types of phishing attacks by creating policies for them. For instance, you can create a list of COVID-related keywords like COVID, COVID-19, coronavirus, corona-virus, and many others. Then you can make a policy that all emails containing those keywords along with any links or attachments should be restricted. If you want to send any awareness emails, then you can send it without any links or attachments.
Another example can be limiting the bandwidth. As mentioned earlier, asking employees to bring their own devices would be essential to prevent any possible spread of the virus. Cyber attackers can hack any device and send unnecessary requests to increase network traffic as part of DDoS attacks. You can limit the bandwidth of your network for personal devices to prevent any DDoS attacks. You can also apply application filtering policies to allow data access only through specific applications.
5. Minimize false alerts
Investing false positives is a waste of time and resources, and missing false negatives can increase cybersecurity threats. Hence it is important to minimize false alerts, whether positives or negatives. A contextual intelligence engine can help you minimize false alerts. It allows you to create your custom policies and adds a contextual layer to your cybersecurity system to minimize false alerts. This will allow more time to your cybersecurity team to inspect actual alerts that can lead to security pitfalls.