In response to COVID-19, organizations around the globe have shifted to embrace technology that enables remote collaboration. While these tools have provided many workplaces with great flexibility, these dramatic changes in how people work, share and collaborate can also greatly affect each organization’s security profile.
Amidst the “new normal”, tech companies are tasked with providing the infrastructure necessary for telecommuting in a manner that is both safe and effective.
“Our primary focus today is empowering our customers, partners and communities to stay connected and productive despite the challenges they are facing. Furthermore, ensuring their safety and privacy are never compromised as they continue in this current landscape. All steps have to be taken when it comes to cybersecurity and we’re committed to meet that demand with the insights and solutions they need to safeguard their people and organizations,” Microsoft Philippines Country Manager, Andres Ortola, said
Cybersecurity has become a priority for all business leaders. Sharing best practices in establishing remote work set-ups, Mary Jo Schrade, Assistant General Counsel and Regional Lead of Microsoft Asia’s Digital Crimes Unit, discussed the most prevalent cyberattacks today, and how companies can combat them as office spaces adjust their set-ups to work remotely in the coming weeks.
Everyone’s gone phishing
It’s estimated that 91 percent of cyberattacks start with an email, which either leads to malicious links directly or which contains dangerous attachments.
According to Schrade, “Since the COVID-19 pandemic began, hackers have ramped up phishing and ransomware attacks by fivefold, according to some estimates, in order to harvest sensitive information from users.”
To combat this, organizations need strong tools. For instance, Microsoft employs a multi-layered defense system that includes machine learning, detonation and signal-sharing to quickly find and shut down email attacks. If any of these mechanisms detects a malicious email, URL or attachment, the message is blocked even before reaching the inbox. Attachments and links are opened in isolation through virtual machines – in essence, like detonating a bomb in an unpopulated area. On top of that, analysts continuously evaluate user-submitted reports of suspicious emails, which can be used to better understand attacks and to train machine learning models.
Once a file or URL is identified as malicious, the information is shared with other services such as Microsoft Defender Advanced Threat Protection (ATP) to ensure endpoint detection benefits from email detection, and vice versa. Sharing signals across services means that PC users with Windows Defender can be protected even if they’re not using Microsoft email services.
Teaming up and managing logins
The prevalence of work-from-home set-ups all over the world has resulted in an influx in the use of telecommuting software. Employees are chatting and sharing more than usual during this time, even if several organizations have not designated an official tool provided by IT.
According to Schrade, “As they figure out how best to stay in touch with colleagues and coworkers, and become more adept at using chat applications and shared documents while replacing planned meetings with conference calls, there is an increased need for reminders on best practices for cybersecurity.”
“The single best thing users can do to improve security for employees working from home is to turn on multi-factor authentication (MFA): Employ MFA for all employees, all of the time. Remember that this works best by also using block legacy authentication protocols that allow users to bypass MFA requirements. If an employee is unable to distribute hardware security devices, he or she can also use Windows Hello biometrics and smartphone authentication apps like Microsoft Authenticator,” she added.
Lending employees a hand
Since remote workers have access to proprietary data and information and user networks, Microsoft recommends that every organization should establish a clear communications policy to help employees recognize official messages. For example, using an official channel like Microsoft Stream can ensure employees are able to distinguish legitimate communications from phishing while helping people to feel more connected; and on-demand streaming also helps employees juggling personal responsibilities, like school closures or travel schedule changes.
“Leaders should warn their employees to expect more phishing attempts, including targeted spear-phishing aimed at high profile credentials. Employees, on the other hand, should watch out for urgent requests that violate company policy, use emotive language and have details that are slightly wrong—and provide guidance on where to report those suspicious messages. Now is a good time to be diligent, so leaders should be clear on what official communications about business continuity and health and safety should look like and from where they should originate,” said Schrade.