Crises are often good for attackers. The first lockdown of 2020 thus triggered a wave of attacks aimed in particular at exploiting the isolation of employees and the Covid crisis itself. These threats take the form of phishing sites and emails above all, but also ransomware. As a result, companies have had to keep investing in IT security. In 2020, 45% of the French companies surveyed by IDC even increased their spending. For 46% of them, the priority is protection against targeted attacks.
This requires, among other things, stronger security for mobile devices, which has jumped up the list of priorities: it now ranks second at 38%, up from sixth a year earlier. Over the next two years, 57% of companies will also focus on securing application access, and 48% on protecting privileged accounts. This is a direct consequence of the explosion of teleworking, a practice that is here to stay. But how do you actually protect yourself against these threats?
IT hygiene rules and technological solutions
VSEs and SMEs rarely have in-house cybersecurity skills. Several organizations nevertheless publish guides to help them adopt IT hygiene rules. The French state does so through the Cybermalveillance.gouv.fr site, which offers a series of recommendations for teleworkers, but also for their employers. The objective is to cover the security of the devices as well as that of the company's resources. These recommendations have a definite advantage for VSEs and SMEs short on cash: they are inexpensive, or even free, to put in place.
Here are the main security recommendations for teleworkers:
- Do not mix personal and professional use on the same computer, especially if your employer provides you with a device. Pay particular attention to the sites you visit and the applications you install. Professional use in principle exposes you to lower risk. By separating the two uses, you reduce the security risk, even if an employee can still receive a phishing email or ransomware at their business address.
- Install security updates on your devices. On a professional PC, it is also recommended to configure updates to run automatically. This removes the need for teleworkers to act, and therefore the risk of oversights.
- Install and activate an antivirus, ideally with real-time protection. These security applications must themselves be kept up to date in order to detect the latest threats identified by vendors. A full scan is advisable to make sure that no malicious program is already present on the workstation. If in doubt, do not connect to the corporate network, so as to avoid propagation.
- Secure your accounts. Compromised passwords directly threaten the company, its infrastructure and its applications. Using strong passwords, for example produced by a password generator, is good practice when strong (multi-factor) authentication is not available.
- Protect your network access, in particular Wi-Fi. A weakness in the protection of your Internet access can serve as a doorway to the professional network and to the resources stored on the device. Wi-Fi must therefore be secured with a strong key and with encryption enabled (WPA2 at minimum).
- Back up your data: against attacks, but also software and hardware failures, backups protect against data loss. Windows 10, for example, offers automatic cloud backup. Work data can also be saved to an external drive, to employer-managed storage, or to a corporate cloud service.
The company as cybersecurity conductor
Responsibility for IT security cannot, however, be delegated entirely to employees. Employers must also play their part in cybersecurity. How?
- By providing professional devices to employees wherever possible. These are administered and secured by the company. Personal computers cannot guarantee the same level of security because they are not managed.
- By controlling access from the outside: only genuinely essential access should be opened, and what is opened must be controlled through network filtering and a firewall. Remote access for employees must also be secured with a VPN connection. Cybermalveillance also recommends two-factor authentication on these VPN accesses, to protect against impersonation with stolen credentials.
- By enforcing a company-wide password policy, or better, by requiring multi-factor authentication to connect to sensitive assets or for the most critical personnel. This includes, in particular, members of the IT department.
- By backing up the data. Backups, which must be performed and tested regularly, will very likely be the only way to restore activity after a ransomware infection. The CNIL also recommends storing user data on regularly backed-up network storage rather than relying on backups of individual workstations.
- By monitoring and retaining logs. All infrastructure equipment generates activity data and logs. In the event of an attack, these logs make it possible to identify the cause and the remedies to apply. Monitoring of access and of sensitive systems raises alerts on abnormal activity, a possible sign of an attack.
- By raising employee awareness. Employees are not experts in threats or cybersecurity. They must therefore be informed of the risks and of the means to protect themselves. The company must also be able to respond quickly when an employee has doubts or suspects a malware infection.
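The backup recommendations above, for teleworkers and for the company alike, both hinge on the same point: a backup only counts once a restore has been tested. The following Python script is an example added here, not code from Cybermalveillance.gouv.fr or the CNIL. It archives a directory, records a SHA-256 manifest of every file, then proves the archive is restorable by extracting it into a scratch directory and comparing every restored file against the manifest. The directory layout, file names and archive format are assumptions made for the example.

```python
"""Backup-and-restore test (example added here, not code from the guides cited).

Archives a directory, records a SHA-256 manifest of every file, then proves
the archive is restorable by extracting it into a scratch directory and
comparing every restored file against the manifest. A backup that has never
been restored is an assumption, not a recovery plan.
"""
from __future__ import annotations

import hashlib
import json
import tarfile
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in 64 KiB chunks so large files need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map each regular file under root (path relative to root) to its SHA-256."""
    return {
        p.relative_to(root).as_posix(): sha256_of(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def make_backup(src: Path, dest_dir: Path, name: str = "backup") -> tuple[Path, Path]:
    """Write <name>.tar.gz and <name>.manifest.json into dest_dir; return both paths."""
    dest_dir.mkdir(parents=True, exist_ok=True)
    archive = dest_dir / f"{name}.tar.gz"
    manifest = dest_dir / f"{name}.manifest.json"
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(str(src), arcname=".")
    manifest.write_text(json.dumps(build_manifest(src), indent=2))
    return archive, manifest


def verify_backup(archive: Path, manifest: Path) -> list[str]:
    """Restore into a scratch directory and compare with the manifest.

    Returns the list of problems found; an empty list means the restore test
    passed. Problems: the archive cannot be unpacked, a file is missing after
    restore, a file's content differs, or the archive holds a file the
    manifest does not know about.
    """
    expected = json.loads(manifest.read_text())
    problems: list[str] = []
    with tempfile.TemporaryDirectory() as scratch:
        scratch_dir = Path(scratch)
        # The "data" extraction filter (Python 3.12+, backported to older
        # security releases) refuses absolute paths and ".." members, so a
        # tampered archive cannot write outside the scratch directory.
        extract_opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        try:
            with tarfile.open(archive, "r:gz") as tar:
                tar.extractall(scratch_dir, **extract_opts)
        except Exception as exc:  # any unpack failure means "not restorable"
            return [f"archive unreadable: {exc}"]
        restored = build_manifest(scratch_dir)
    for rel, digest in expected.items():
        if rel not in restored:
            problems.append(f"missing after restore: {rel}")
        elif restored[rel] != digest:
            problems.append(f"content mismatch: {rel}")
    problems.extend(
        f"unexpected file in archive: {rel}" for rel in restored if rel not in expected
    )
    return problems


if __name__ == "__main__":
    # Constructed sample data, created in a temporary directory.
    with tempfile.TemporaryDirectory() as work:
        root = Path(work)
        data = root / "documents"
        (data / "clients").mkdir(parents=True)
        (data / "clients" / "list.csv").write_text("name,contract\nacme,2020-03\n")
        (data / "notes.txt").write_text("constructed sample data\n")
        arc, man = make_backup(data, root / "backups")
        print("problems:", verify_backup(arc, man) or "none")
```

Run on a schedule, the interesting output is a non-empty problem list: that is the moment to fix the backup, not the day after a ransomware infection. Keep the manifest with the archive on the backup medium so the restore test does not depend on the possibly compromised source.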
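To make the monitoring recommendation concrete, here is an example added here, not code from Cybermalveillance.gouv.fr or the CNIL, of what "alerting on abnormal activity" looks like for the VPN access the article describes. It parses authentication events and applies two rules: a burst of failures from one source address inside a short window (password guessing), and a success from a source that had just been failing (a guess that may have worked). The log format, the field names, the sample lines, the five-failure threshold and the five-minute window are all assumptions made for the example; a single failed login followed by a success two hours later is deliberately left silent, because that is ordinary user behaviour.

```python
"""Access-log supervision (example added here, not code from the guides cited).

Reads authentication events from a VPN gateway and raises alerts for two
patterns: a burst of failures from one source address (password guessing)
and a success from a source that had just been failing (a guess that may
have worked). Lines that do not match the expected format are skipped so a
malformed entry cannot silence the detector.
"""
from __future__ import annotations

import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption made for this example.
SAMPLE_LOG = """\
2020-04-06T08:01:12Z vpn-gw vpnd: FAILED user=alice src=203.0.113.7
2020-04-06T08:01:15Z vpn-gw vpnd: FAILED user=alice src=203.0.113.7
2020-04-06T08:01:19Z vpn-gw vpnd: FAILED user=alice src=203.0.113.7
2020-04-06T08:01:22Z vpn-gw vpnd: FAILED user=alice src=203.0.113.7
2020-04-06T08:01:26Z vpn-gw vpnd: FAILED user=alice src=203.0.113.7
2020-04-06T08:02:40Z vpn-gw vpnd: ACCEPTED user=alice src=203.0.113.7
2020-04-06T08:30:02Z vpn-gw vpnd: ACCEPTED user=bob src=198.51.100.24
2020-04-06T09:10:00Z vpn-gw vpnd: FAILED user=carol src=192.0.2.9
this line is garbage and must not crash the detector
2020-04-06T11:10:00Z vpn-gw vpnd: ACCEPTED user=carol src=192.0.2.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) (?P<host>\S+) (?P<proc>\S+): "
    r"(?P<result>FAILED|ACCEPTED) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

FAIL_THRESHOLD = 5             # this many failures from one source ...
WINDOW = timedelta(minutes=5)  # ... within this interval raises an alert


def parse_line(line: str) -> dict | None:
    """Return the event fields with a parsed timestamp, or None if the line does not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    event = m.groupdict()
    event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return event


def detect(lines) -> list[dict]:
    """Run both rules over the lines in order and return the alerts raised."""
    alerts: list[dict] = []
    recent_failures: dict[str, deque] = defaultdict(deque)  # src -> failure timestamps
    burst_alerted: set[str] = set()  # sources already reported, to avoid one alert per extra failure
    for raw in lines:
        ev = parse_line(raw)
        if ev is None:
            continue
        q = recent_failures[ev["src"]]
        while q and ev["ts"] - q[0] > WINDOW:  # forget failures that fell out of the window
            q.popleft()
        if ev["result"] == "FAILED":
            q.append(ev["ts"])
            if len(q) >= FAIL_THRESHOLD and ev["src"] not in burst_alerted:
                burst_alerted.add(ev["src"])
                alerts.append({"rule": "brute_force", "src": ev["src"],
                               "failures": len(q), "at": ev["ts"]})
        elif q:  # ACCEPTED while failures from this source are still inside the window
            alerts.append({"rule": "success_after_failures", "user": ev["user"],
                           "src": ev["src"], "prior_failures": len(q), "at": ev["ts"]})
            q.clear()
            burst_alerted.discard(ev["src"])
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

On the sample log this raises exactly two alerts, both for 203.0.113.7: the burst of five failures, then the accepted login that follows it. The second alert is the one worth a phone call to the user, since it is the pattern a successful password guess leaves behind; the rules only work if the gateway's logs are actually collected and kept, which is the "retaining logs" half of the recommendation.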