The increasing number of people working from home has resulted in a dramatic increase in security breaches throughout the corporate world. One way to measure those breaches is tracking the reports of ransomware attacks to the FBI. These reports are up a whopping 600 percent since the pandemic caused dramatic increases in work-from-home situations.
What’s a ransomware attack? Criminals break into your network, encrypt all your data and then demand payment to give you the decryption keys. Payments are demanded in a non-traceable crypto-currency, such as bitcoin, vary based on the value of the data stolen and are almost always staggeringly high – but still better than going out of business.
The increase in the success of these attacks is largely attributable to the “backdoor effect.” Remote employees logging into your network’s VPN now expose your internal network to attacks from viruses that may already be lying in wait on your remote employees’ desktops. They can spread through your network and radiate back out to other remote users’ systems.
I know that many of you depend on Accio Data for much of your security needs, and I want to assure you that while we’ve always had a healthy paranoia, these days the assurance of information security is being given significantly more focus than even our past (already paranoid) selves had given it.
However, there are portions of information security that are your responsibility. Accio Data cannot protect PDF documents, financial reports, database backups and other information that you may store on your network. We also cannot protect your end users’ systems from viruses and malware that could, for instance, scrape your login information when you log in from your home computer as a system administrator. There’s a reason we call SysOps Level 2 the “keys to the car.” This is information you need to keep well protected.
Your end users are at risk, too. Just like a virus on one of your manager’s systems could get the “keys to your car,” a virus on one of your customer’s systems could expose all the data in their account to information theft.
One of the strongest measures that you and your clients can utilize to protect yourselves from these kinds of attacks is multifactor authentication (MFA). I strongly recommend that you configure all remote users of your system to use MFA. MFA can help protect against theft of account and password information, as long as your MFA device (cell phone or email) are not also compromised.
I also strongly recommend that you, as a CRA, turn on MFA for all your customers in an effort to increase security.
In summary, here are some of the precautions I recommend to protect you during the pandemic:
- Ensure every computer with access to your network has the most current virus and malware scanners (remember that most software only does one or the other, not both).
- Consider requiring your employees to take their work systems home with them and connect from them. You probably already have strong security procedures in place for these systems, and if you issue laptops to all your employees for desktop use, it can be pretty straightforward to implement.
- Regularly review your logged-in user list and look for inconsistencies. In the Accio platform, you can find this list under Operations/Reports/Online System Reports/Online Users.
- Enable/require MFA for all remote users. Contact Accio customer support if you have questions about how to do this.
- Strongly consider requiring MFA for all your clients and their end users.
- Instruct your employees to not “remember this computer” and to re-authenticate themselves through MFA every time they log in.
Thanks, and be well.