IT risks high with COVID-19
Kiwis in lockdown working from home need to take IT hygiene precautions amid the COVID-19 pandemic.
Delta International Group Managing Director Ian Pollard says the controversy over the use of Zoom as a video meetings platform at high levels has thrown a spotlight on an aspect of the COVID-19 emergency that hasn’t had a lot of attention.
But Ian says Zoom isn’t the biggest and only issue.
"This is a time when not only is the world in a state of disorder and confusion resulting from the pandemic, making it easier for online hackers to cause trouble, but we also have virtually everyone locked down at home and in many cases continuing to work," says Ian.
"That means they’re using IT platforms that possibly fall well short of the security they had at work. Plus they are using online technology substantially more to communicate and for leisure."
He says typical risks from home business IT activity include:
• use of non-sanctioned devices to access corporate data in a myriad of well-known applications which could lead to ransomware attacks or data compromise.
• -sanctioned devices being left unencrypted and vulnerable to theft in the home, which could lead to unnecessary exposure
• deficiencies in logging and asset identification which could complicate identifying legitimate vs unauthorised access
• receiving and opening emails or attachments from unknown (or even known) sources.
• financial scams / unauthorised financial losses
• ID theft Personal Data loss from less secure personal devices - blurring of lines between work and personal usage.
Those at home can avoid the worst risks by taking a number of simple precautions in their IT set-up and usage, says Ian.
Home users should employ Multi-factor authentication.
“A vast majority of data breaches over the last few years we have dealt with could have been avoided with MFA (a strong password is not enough anymore.”
They should encrypt all devices, avoid unsecured WIFI networks and be very suspicious about links and attachments from unknown sources.
“Be equally suspicious about payment requests or emails from unknown source.”
Ian advises people to have a BCP plan in place as a business always connect with a VPN.
“Be aware of the current increase in phishing scams including apparent COVID-19 advice emails, monitor for stolen data on the dark web and be sceptical of advice that doesn’t come from official sources.
“Keep your devices and anti-virus software up to date and run regular checks.”
Ian also recommended home users sign up to and monitor updates from CERT NZ and Netsafe.
"In our experience, taking these simple precautions can save an enormous amount of grief, time and money. Cyber-crime - scams and hacking etc - had become a huge global industry and with the virus it’s even more menacing when it’s impacting the household environment alongside the business sector."