As the nation transitions into the endemic phase and more employees start to return to work in the office, companies should maintain their guard and continue to assess their vulnerability risks to cybersecurity threats and ensure that the appropriate controls are implemented to address such risks.
Prior to this, the pandemic had posed several challenges that have caught many companies off-guard. Many solutions that were in place were not adopted or optimised, due to some reason or another. As company awareness has increased, management should consider the following:
Authentication
Authentication allows a Company to confirm the identity of employees who are trying to access the Company’s IT resources. Multiple, robust forms of authentication can be considered including Multi-Factor Authentication (“MFA”) where, if a username or password is compromised, the second line of defense should kick-in, e.g. push notification to a phone or even biometric authentication such as fingerprints.
Furthermore, passwords should be strengthened and multi-factor authentication should only go into devices that have been previously verified and enrolled.
Data Management
As data is a company’s most important asset, knowing where the data resides and ensuring that it is adequately protected from unauthorised access is crucial.
In addition, regular backup of important data is necessary and restoration tests should also be performed to test the integrity of the backed-up data.
Endpoint Protection
Endpoint protection can prevent unauthorised activity or downloading of programs on the local device if an employee accidentally interacts with a malicious email or website. Administrative access to these endpoints should be restricted to authorised personnel and updated patches must be in place to protect against the latest vulnerabilities.
Cloud Security
In the company’s haste to migrate its systems to the cloud as a result of the pandemic to focus on availability, access security should not be neglected. The principle of “least privilege” must be applied and excessive permissions should be removed. Data management controls should also be applied to sensitive data that is being stored on the cloud.
Awareness Training
Awareness training will help staff to anticipate, recognise and act on perceived threats. The ultimate goal would be to minimise the number of staff who would respond to an attacker while maximising the number of employees who would alert the company to the suspicious activity.
To aid in the above, the company should also implement malicious content filtering to prevent email-based attacks, besides strengthening their web filters and firewalls to restrict communication with malicious sites and potential attackers.
Monitoring & Testing
Companies should set up monitoring solutions to collect and monitor systems’ data to identify and alert them on suspicious activity in order to respond accordingly in a timely manner. Periodic testing of the environment, e.g. penetration tests and simulation exercises can provide good insights into security gaps, risky processes, or network vulnerabilities.