Karl Barton of SecureAuth provides us with best practice tips on how enterprises can dramatically reduce the risk of becoming victim to cyber-attack.
To accommodate modern working preferences, many businesses today allow employees to take work home, or work from remote locations such as hotel suites, conference venues or while abroad.
While this flexibility is viewed favourably by employees, it increases the risk of cybercriminals gaining access to the business network, and valuable information and assets.
As the bank holiday approaches, many people tend to travel and last-minute emails or reports may tempt employees onto shared networks.
However, with sensitive business data and public Wi-Fi access, comes great security risk and vulnerability. Here’s how you can avoid becoming a target:
Apply adaptive authentication at the login phase
Addressing security at the identity level can help prevent an attacker from using stolen login credentials.
Two-factor authentication is a start, but layering techniques such as geographic location analysis, device recognition, IP address-based threat services, and phone number fraud prevention can stop a bad actor from getting in the front door.
This analysis is largely performed in the background, allowing corporations to render stolen credentials useless without negatively impacting the user experience.
Avoid visiting any sites that contain highly sensitive data, while away from a secure network.
Unless it's an emergency, accessing sensitive data should wait until a private and more secure network can be accessed.
If travelling for work, employees should only visit websites or use applications that employ encryption.
For websites, the web address should start with “https://”, demonstrating a secure connection. Most networks will show a green or grey lock icon next to the URL on sites with valid certificates. Any alerts around a website’s certificate are a red flag.
Never connect to an unknown Wi-Fi hotspot
If in doubt, users can ask a staff member at the information desk which Wi-Fi hotspot is the correct one to use.
If users must connect to a public Wi-Fi network, ensure that two-factor authentication is enabled for application and website logins where applicable.
Choose to rely on mobile phone networks for data usage
If possible, simply disable the Wi-Fi and Bluetooth transceivers and opt for mobile networks for data instead. Mobile networks are not impervious to attacks but are far more secure than a public Wi-Fi network.
Karl Barton concludes that, “Businesses should be proactive about protecting valuable data, especially when remote working is a key facet of the modern workplace.
“Implementing comprehensive remote working security policies will ensure businesses don’t suffer from the increased agility that is often implemented to drive growth and efficiencies.
“Once equipped to take precautions, they can be the vanguard helping to maintain the organisation’s security posture.”