Is your cybersecurity posture ready for the quarantine?

Just about a year ago, I was working for another company–one that had managed to both stay open and pay its employees during the government shutdown of 2018. During that time, we saw many government contractors that had it much worse and that went out of business or had to lay off staff in order to stay afloat. Before I left that company, I wrote an article for their blog about keeping ahead of your cybersecurity posture in the event of a financial hardship. It was aimed mostly at government contractors as a warning against another shutdown.

Who would have thought that our companies would be going fully or mostly remote? Who would have thought that we could be facing employees at home or sick in the hospital? Though most employees are still around at this point, I thought I’d revisit that article here with some takeaways from the government shutdown that can be applied to the 2020 quarantine.

  • Who is monitoring your audit logs or keeping your audit logs from overflowing and losing data? Remember to check your audit logs daily, even if it means teaching someone new to do it. If you’re still onsite, set up your system to use consolidated audit logging with a dashboard that is easy for a less technical person to use.
  • Are you keeping up with patches that are released during work shortages for both servers and powered-off computers? Even non-technical people who use computers know that their computers download and install critical patches each week. But when their computers are sitting in laptop bags or powered off on their desks, those computers are not receiving patches, and hackers know it. The skeleton crews working in IT may also allow server patches to go uninstalled in favor of more public-facing work. This poses a hacking risk once computers and servers are turned back on with known vulnerabilities still in place. To avoid these risks, automatically push updates to laptop and desktop computers. Ensure that your quarantined staff are turning on their laptops on the update day and leaving them on until they are patched. If there are powered-off desktops, designate a person who is in the office to update those computers if possible. For the servers, designate one IT employee to check for server patches one day per week and to oversee installing them.
  • Are you keeping up with electronic certificates? They can expire, making it easier for a hacker to spoof your web site. When do your web site’s certificates expire? Who responsible for knowing? Is the one person who knows the answer at home or worse, sick, when certificate renewal comes around? A certificate that has just expired has still expired, and with a web site showing expired certificates, a hacker can very easily spoof your web site. Know who is responsible for certificates and designate a back-up person. Add the date of expiration to both employees’ calendars so that someone knows it is happening.
  • Are you suceptable to “Social Engineering?” Your now-remote employees may reveal something on social media regarding what company they work for and that the company is on a skeleton crew. Even people who are usually vigilant about not mentioning their company’s name on social media may become less so when reporting to friends about their lives at home during this unprecedented time in their lives. Hackers aren’t taking the month off, and they will take advantage of any information they can glean from the web. Simply finding your company’s name, what area of the country you live in, and information about how few people are working could be the impetus for bad actors to turn to your company as an undefended target. It is a good policy in general to ask employees to keep their company name off of social media like Facebook and Twitter, so if you don’t have a policy in place for it, you might want to consider creating one now.

We are going to get through this! Social Distancing is in place for a good reason, but in some places it’s happening more quickly than some companies have time to consider putting policies and practices into place. Take action right now. Contact me if you need a referral to a good resource to help if you’re too small to do it yourself.

Be good to each other, and stay healthy.

An earlier version of this post was written by Lynne Glowacki and edited by Travis Johnson and was posted to the blog at HumanTouch in February 2019.

Leave a Reply

%d bloggers like this: