How to Minimize the Risk of Insider Threats (Physical and Cyber) During COVID-19
Many businesses have severely reduced their operations or shut down completely during the COVID-19 global pandemic. Rather than the number of business risks being reduced through lower operations, in many instances risks have been magnified. Idle or under-utilized sites can be under-guarded and can be soft targets for several different forms of attack. The main types of threats can largely be broken down into physical and cybersecurity threats. Security leaders are advised to pay attention to the following threats.
Physical Document Security
One of the unavoidable realities of remote working during this time is the need for staff to travel home with sensitive information in physical document forms. They have to keep these at their homes and sometimes print even more documents on private networks. Stopping this practice is near-impossible. Businesses must come up with a strong plan for the destruction of sensitive company information when employees are done with it.
Sensitive Document Storage
Whether firms are operating at reduced capacity or shutting down entirely for this time, it is quite possible that papers and documents will be left at workstations and printer stations in the office. Organizations need to enforce a workspace clear and clean policy that necessitates the reduction of sensitive material lying around. There must be clear guidelines regarding what needs to be filed, what needs to be shredded and at what intervals.
Many organizations have access control systems, and employees will need to be reminded not to share their identification. Employees need to be educated on the importance of protecting their IDs or access cards. Without training or regular reminders, employees will often share or lose their access cards. This sharing practice, which happens regularly in normal times, becomes more dangerous in crisis periods. Staff need to maintain vigilance to avoid identities getting into the wrong hands.
Unauthorized Vehicle Entry
Many sites are fitted with access control systems which allow authorized vehicle entry. These systems include locked barriers or swipe-card mechanisms. Tailgating is a term that refers to unauthorized vehicles opportunistically entering a site behind an authorized vehicle. With the right security measures, acts like tailgating can be stopped. Systems can be enhanced with new mechanisms. Employees need to be reminded of this possibility of this happening.
Building Security and Oversight
When sites shut down completely, as is happening during COVID-19, the security of brick and mortar buildings becomes paramount. Good quality locks on all entry and exit doors is a necessity Similarly, all windows should be shut and secured. Businesses should keep only the minimum level of internal and external lighting where possible. It is a good idea to have a remote movement detection system. If this is not possible, sites can be manned by human security.
Services and Utilities
Businesses that shut down should have a strategy for what to do with services and utilities. Electrical systems will have to remain operational but on reduced levels in order to facilitate security and lighting systems. Water systems must be managed or curtailed to reduce flooding or fire risk.
Good Practice for Storage of Items
Consider reducing how much combustible material is kept on site. Potentially problematic material includes form of packaging, waste items, or reclaimed items. Make sure that there is an appropriate separation distance between all electrical outlets and potentially flammable materials. Any items which are combustible or flammable or unstable in any way should be placed in safe storage.
COVID-19 themed phishing threats are on the rise. Many threats purport to come from reputable government entities or health bodies. Many trojan strategies include getting employees to engage with suspicious material through appearing to be important updates, financial rescue packages, or emergency benefits. Many of them have tell-tale giveaways such as bad grammar, punctuation and spelling. There are also design and quality issues which are easy to spot.
This is why it is so important to establish a remote working culture that takes IT best practice as top priority. Every location globally must take IT services seriously. Bringing in extension services early will allow crucial crisis planning to take place before the problem arises.
It is normal for organizations to carry out periodical cyber security training. However this needs to be ramped up in times of crisis. This must be combined with regular, organization-wide updates and reminders. The heightened threat level requires best practice reinforcement, or else employees will forget. Disseminate important updates such as cyber policies and rules, such as who to contact in the event of cyberattacks.
Top Tips for Remote Working
Make sure that practical advice is followed. This could be the use of strong passwords, or methods to use two-factor authentication, Ensure that all hardware has up to date anti-virus and firewall software. Institute a helpline or online chat line if you do not already have one. Encrypt data on laptops used for remote working given the risk of theft. Disable USB drives to avoid the risk of malware.
Plug the Finance Payment Hole
Shore up your financial payment release structure. Get visibility of large, non-standard payments during this time. If you have fallen risk to the inevitable financial endgame of a security breach, this stop gap can be an important measure to avoid funds leaving the business to ransomware.
Ensure Backups of Critical Systems
You must be sure to backup all critical systems. Check that backups have been performed correctly and the information is safe. Create multiple backup options, be it in the cloud or with multiple carriers. Arrange for off-line storage of backups regularly. IT consulting and other similar services can provide key advisory services ahead of a crisis to ensure there is clear direction once crisis mode is entered.
Lastly, beef up your incident and crisis management systems and importantly, link them to actionable contingency plans. Have backup communication channels if your network has been compromised. If you have a ransomware incident that disrupts your IT systems, being able to operate and communicate through secondary means will be important.
Leading with Security
During business-unusual times, emotional stress and lack of clear direction can lead to unintentional insider threats. Security leaders should evaluate their whole methodology, looking past the obvious. Leaders must also think about the transition to the future. Every crisis is a learning moment. This is a great chance to look at the technology and processes put in place during the pandemic and consider how these might help the organization be stronger moving into the future.