What are the Most Common Cyber Security Threats Amid the Pandemic?

TO THE NEW, a digital technology company has successfully been able to support and manage business continuity for all its clients during the global COVID-19 crisis and has been able to deliver services in a seamless manner to them even during these times.

TO THE NEW has also augmented its remote device testing capabilities by procuring additional devices and shipping heavy devices like Smart TVs directly to its employees’ homes to ensure a seamless work environment particularly for its mobile applications and OTT platform clients. To further augment its remote testing capabilities, the company has reinforced platform simulations through Cloud-based device farms to help accurately simulate the test environment for its customers.

Express Computer tries to understand more of the same with Deepak Mittal, Co-founder & CEO, TO THE NEW, and how to deal with cyber threats (if any) during such times, and how to manage hiccups.

How can organizations rapidly deploy and scale mobile workforces securely?

Most of the companies in India’s IT industry have traditionally been offshore-centric. They have deep experience in working with remote and distributed teams and have high maturity with remote workforce deployments as compared to other industries. Remote access via VPN, data access, and collaboration tools and high-end and professional-grade laptops make it easier to work collaboratively, despite the physical distancing that we face today.

How is your organization ensuring the same?

Given the nature of the business we are in, data and content security of our customers are of utmost importance, regardless of the location that our workforce is deployed in. Being a Cloud-native company since our inception in 2008, our servers can be accessed remotely with all safeguards in place. TO THE NEW’s IT team has ensured that we have all security protocols built-in which are being followed with 100% compliance across the organization. We have visible and forensic watermarking in place to ensure watertight content security for our clients.

To further augment our remote testing capabilities, we have reinforced platform simulations through Cloud-based device farms to help accurately simulate the test environment for its customers.

Why are home Wi-Fi networks especially risky to enterprises when employees work from home?

With the increase in teleworking over the past couple of months, wi-fi users need to be diligent in their usage of the internet. Since personal wi-fi might not follow similar security controls as that of a professional environment, they tend to be at greater risk and more vulnerable to cyber-attacks. Access points must be secure while working in a remote working environment, to ensure endpoint security. Data encryption, application control, logical access controls, and end-point security measures like firewall and anti-malware help in mitigating the risk while connecting with clients, remotely.

We at TO THE NEW, have been regularly carrying out remote worker training to make our people aware of the probable threats in a remote working environment.

What new cyber threats have emerged amid the COVID-19 outbreak?

The pace of rapid change across industries has brought about Data and Content security risks in the ecosystem through cyberattacks.

A huge rise in social engineering attacks using COVID-19 related information is seen by the industry in the last couple of months. Recent trends show that cyber attackers are using emails with malicious attachments or links, COVID-19 tracking maps, websites, fraudulent charity websites to trick unsuspecting end-users.

What are some cybersecurity best practices for both employers and employees to adopt while working remotely?

To deal with the disruptions and threats of remote working, businesses require to embrace protective methods of security in place to ensure that they are secure, their communications and data are efficiently protected even in difficult times like these. Some of these are very elementary but effective:

  • The first and most important thing is to educate employees to identify potential risks and beware of any unsolicited email and attachments
  • Change the default password for all devices of home internet and accounts. Employees should create strong, uniquely un-identifiable passwords and be trained to follow cybersecurity hygiene such as changing the passwords frequently
  • Employers must ensure that all remote systems and solutions like VPN are patched and configured appropriately
  • System monitoring should also be enhanced for early detection of any threat or abnormal activity
  • Employers should review and update incident management, BCP, and data breach response plans to consider new environments and norms of day to day business operations
  • Keep all devices patched and up to date.  It is not only limited to your work device but all the internet-enabled devices that are connected to your home network
  • Employers should be proactive in restricting account access with appropriate permissions at the employee level, as required

How do you get rid of the hiccups?

The key for any organization is to reduce risk, apply preventive mechanisms, detect threats early, and strengthen failover capabilities.

Some of the things that really helped us in maintaining continuity of business are scaled up capabilities to handle the extended load on VPN and other remote systems; capacity management with support desk and the network management team, and effective communication amongst management, monitoring, and response teams.

Lastly, real-time backup of all crucial information and quick failover mechanisms has helped TO THE NEW in reducing availability and data-loss risk significantly for us as well as our customers.

See the media coverage here

Published in