Tom Kellermann, Head of Cybersecurity Strategy, VMware Carbon Black, introduces us to the concept of ‘digital distancing’ and tells us how to practice it.
COVID-19 has shaken up Australian workplaces and has forced many organizations to move to remote working to contain the spread of the virus. In an effort to practice ‘social distancing’, many organizations moved operations from on-premise to mostly remote in a very short period of time (our data found that there was a nearly 70% increase in remote work globally).
Remote working has impacted organizations of all sizes with large organizations such as IAG having to move 98% of its workforce to remote working in a matter of days and Telstra ordering 20,000 of its Australian employees to work from home when the pandemic hit.
And when we do ride out the COVID-19 storm, the concept of working from home may be the norm with many organizations now relooking at incorporating this into their HR policy for the future.
A Telstra whitepaper found that 93% of businesses have changed their IT priorities due to COVID-19 with the top priority for respondents setting up policies for their remote workforce which includes ensuring employees can connect securely and access their applications and data.
However, remote working does have many organizations concerned. Financial institutions, for example, have been particularly badly hit, with attacks targeting the financial sector having grown by 238% according to a Modern Bank Heists report.
If we are to protect the stability and longevity of our society, individuals will need to apply the same sense of responsibility they have for limiting COVID-19 exposure to limiting the cyber-risks they create for themselves and the organizations they interact with. In short, people need to start practicing ‘digital distancing’.
What Is digital distancing?
The concept of digital distancing is similar to that of social distancing. Digital distancing looks at taking precautions focused on cyberspace and limiting the potential risk of intrusions from malicious actors affecting ourselves and those using our networks.
In practicing digital distancing, if you or someone close to you falls victim to a cyberattack on your home network because you failed to take the proper precautions, you can become a vector for a larger intrusion affecting countless others beyond yourself. The implication is that just as is the case with social distancing, we bear a social responsibility to those around us to do what we can to remain secure.
How do I practice digital distancing?
Adopting digital distancing practices is relatively simple and involves taking steps that most people should find accessible and easy to implement. Here’s how to get started:
- Use a VPN: One of the first steps to take in securing your remote work operations is to use a Virtual Private Network (VPN). A VPN obfuscates all of your web traffic, both by encrypting the data transferring back and forth from your system as well as masking your location and IP address. The result is that it becomes more difficult to snoop on what you’re doing online, giving you a solid layer of security against would-be attackers.
- Use both router networks: Many people don’t realize it, but every Wi-Fi router comes with the ability to simultaneously host two separate Wi-Fi networks. A simple digital distancing best practice you can employ is to create one network for personal use, and the other for professional work. The protections offered by taking this step are two-fold: intrusions via your personal devices and activities cannot be used to tunnel back to your organization’s network with potentially catastrophic and far-reaching results and intrusions made into your organization’s network cannot be used to then target others in your home.
- Proper passwords and MFA: Many people underestimate how easy it is for the modern hacker to crack a password. Make your passwords full sentences, as this draws out character length and makes it harder for machines to guess. Once you’ve created a strong password, combining it with multi-factor authentication (MFA) can drastically increase the security of your devices and accounts.
- Use Next-Gen Anti-virus on all devices, including Macs: Security software is fundamental, see it as your guard dog. Whether you’re on Windows or Mac, all of your devices should have this basic protection in place.
- Common sense and good judgement: The COVID-19 crisis has seen increased activity from hackers tricking unsuspecting individuals into clicking malicious links or downloading malicious files. Stay vigilant and tread carefully when online, making sure that you know what you’re clicking and downloading each and every time. In addition, update all your devices every Tuesday night – this ensures that the latest security fixes have been deployed to mitigate software vulnerabilities.
- Create a safe room: Hackers have a tendency to turn on proximity settings for any smart devices’ microphones and cameras when breaching a home. Dedicate one room in your home to be a room free of smart devices. This will guarantee you privacy in that setting.
With remote working set to be the new normal, it’s imperative that Australian organizations and their employees put in place good cybersecurity practices and adapt security models and approaches to ensure good remote work security to mitigate potential cybersecurity breaches.