Coronavirus: Why taking digital precautions is as important as handwashing

The world is changing by the day and life by the hour. As people adjusting to working remotely, The National looks at how companies and employees can avoid disruption and maintain security while working from home.

Avoid using personal accounts

Employees should not be sharing sensitive data over WhatsApp or personal email accounts and IT teams should be able to monitor the usage of unsanctioned applications.

Cyber criminals are “working hard to take advantage of this uncertainty”, Werno Gevers, cyber-security specialist at US tech firm Mimecast, told The National. So “it’s vital that all employees take additional digital precautions as seriously as regular handwashing. Ask your IT team what communications services they have approved for secure work at home”.

Think twice before clicking

Researchers have found many coronavirus-related malicious e-mail campaigns and hundreds of downloadable files that attempt to infect user devices. Malicious files have been masked under the guise of pdf, mp4 and docx files. The names of files imply that they contain instructions on how to protect yourself from the virus or updates on the threat.

“We would encourage companies to be particularly vigilant at this time… businesses should communicate clearly with workers to ensure they are aware of the risks and do everything they can to secure remote access,” said David Emm, principal security researcher at cyber-security company Kaspersky.

Test your VPN

A virtual private network enables users to send and receive data across shared or public networks.

“A strong VPN strategy is a foundational piece of keeping people and data secure… this is even more true as organisations plan to accommodate large groups of remote workers due to coronavirus,” said Forcepoint, an American cyber-security company, in its latest research note.

Companies can create separate private, performance-focused VPN connections for dedicated groups of employees to accommodate critical work. They can for instance create a specific VPN for accounting team members to access during end of quarter activities, Forcepoint said.

Ensure security of physical devices

Just because employees won’t be working from the office doesn’t mean they won’t travel or work in public places. When doing so, employees are exposing themselves to a greater risk of losing their laptops and all the data that resides locally.

“Ensure all devices use full disk encryption. If a machine is lost, the data on the device should not be accessible to criminals,” said Tamer Odeh, regional director at SentinelOne Middle East.

Implement robust password management for laptop access, said Mr Oden, adding that all accounts on the device should require unique login credentials.

Surge in state-sponsored espionage attempts

Cyber security companies have noticed a surge in state-sponsored espionage campaigns using coronavirus themed lures in phishing emails.

“By lures we mean email attachments and links that look like they are genuine, but are in fact malicious,” Jens Monrad, head of threat intelligence for Europe, Middle East and Africa at security firm FireEye.

This activity has increased since January as more nations are dealing with infections.

“Some of the malware campaigns we have observed are responsible for a large volume of spam and phishing emails as well as being used to deliver ransomware,” said Mr Monrad.

Use third-party apps

To ensure smooth work flow, there are a wide range of tools that aim to facilitate group collaboration through video conferencing, real-time communication, and secure messaging.

For example, Apple’s App Store has added several collections to help stay connected and productive while working remotely, including ways to connect with co-workers. Some of these include Slack and Zoom.