Cybersecurity and the impact on the cloud during the COVID-19 pandemic
The COVID-19 pandemic not only has an impact on the physical world, but also the virtual one. So before you work from home, consider how it affects cybersecurity and the cloud.
The Coronavirus Disease 2019 or COVID-19 that first emerged in Wuhan, Hubei Province, China in December, has now spread across the world, killing thousands. This has led to global government mandates that force people to stay at home.
As more and more vehicles stayed off the roads, traffic on the internet surged and led to a notable decline in speed. For example, Vodafone’s internet usage rose by almost 50% in some European countries. In Italy, daily traffic after lockdown grew by 20-40%.
Video streaming services like Netflix and YouTube have surged by 12% worldwide, while the pandemic has increased internet use by as much as 70%. In the United States, the average time it took to download documents, emails, and videos increased as median download speeds dropped by 38% in California and 24% in New York.
Unsurprisingly, Netflix, and YouTube reduced image quality to relieve the networks. But it’s not just entertainment platforms, visits to news sites also rose by 60%.
The rise of remote working amid the pandemic
Many companies have also had to adopt remote working models to ensure that business continues as usual. This approach resulted in a 500% increase in traffic on Microsoft Teams in China in January and was followed by the rest of the world.
The sudden surge of traffic also led to outages. Both Microsoft Teams and the video conferencing platform Zoom experienced some downtime in March. However, the sudden rush to work from home also increases exposure to risk. While communication and collaboration are crucial to facilitate work, not following security best practices can compromise business-critical data.
Employees working from home are easy targets
When workers aren’t alert to security threats, they can bring viruses with them when logging on to enterprise networks. FinTech company, Finastra, for example, is actively investigating a potential data breach while the majority of the company is already working from home.
This makes it vital for businesses to take steps to respond to this threat effectively. As such, organizations should make cybersecurity a critical part of their business continuity plans. But how do you achieve this in the current climate?
Make online staff training mandatory
Before enabling employee access to enterprise infrastructure, make sure to engage in online security training. This approach will help mitigate risk and help ensure that they are alert to hacking tactics like phishing emails.
For example, there’s a phishing campaign that’s been making the rounds pretending to be a local hospital asking recipients to get tested for the COVID-19 virus. If your employees aren’t alert to this threat, some might click the malicious link.
Encrypt all sensitive data
If you fall victim to a data breach, encryption will ensure that you stay protected. So take steps to encrypt sensitive data in motion and at rest. You can achieve this by leveraging the services of companies like Artmotion and Tresorit.
If employees take company laptops home, you have to make sure that it’s secure. The best approach is to encrypt the devices to mitigate the risk of physical theft.
Enable controlled access and multi-factor authentication
When you open up your cloud infrastructure to remote access, make sure you control access by limiting user rights. Only provide access to resources staff need to do their job.
Consistently enforcing multi-factor authentication will enhance security. So make this part of your corporate culture. It’s also critical to require additional credentialing to download sensitive data. Again, you can enforce more multi-factor authentication protocols before a single byte is downloaded.
Communicate and collaborate through secure tools
As a rule, only use communication and collaboration platforms that come with end-to-end encryption. It’s also essential to ensure that the company follows ethical data privacy protocols.
Zoom, for example, was found to put user privacy at risk. Soon after, they were also accused of using their own definition of the term “end-to-end encryption” and not actually implementing it.
Access via a Virtual Private Network (VPN)
When remote workers log in to your network, make sure that they always do it through a VPN. As VPNs allow data to be shared across public networks like their devices were directly connected to a private network, it adds another layer of security.
According to AtlasVPN, as people started working from home in the U.S., VPN use rose by as much as 53% and more than doubled in Italy. However, when adopting this approach, it’s vital to ensure that VPN applications are set up to connect with a baseline security level, then segmented, controlled, and monitored.
Have a data breach plan ready
Even during a crisis, we have to be prepared for the worst. So have a data breach or incident response plan ready. It’ll also be a good idea to run tests to ensure that you have all bases covered.
Key takeaways
- Ensure that business continuity plans include cybersecurity
- Encrypt sensitive data in motion and at rest
- Forbid access before online security training
- Encrypt data on the cloud and enterprise devices
- Require multi-factor authentication upon each login to the company portal
- Require additional credentialing to download sensitive data
- Communicate and collaborate only through apps that leverage end-to-end encryption
- Use a VPN always, but set it up correctly
- Make sure to have a data breach/incident plan ready
If you need help to enable work from home initiatives or support to encrypt cloud data, we can help. Request a call back now.