We are publishing this guide is to help you understand what to put in place, and what to communicate to your colleagues, to help everyone work from home with security in mind. For many people now working from home, this may be the first time they have been issued a work laptop or other device for remote working. We will likely see an increase in the number of cyber attacks and scams against corporations and individuals over the coming weeks and months, with cyber criminals taking seeking to take advantage of the COVID-19 pandemic, so it is vital to bring the awareness level of employees up as fast as possible. We want you, and your colleagues, to feel confident that you can get on with work safely and securely, and we hope this helps.
This document is aimed at the business level, to help you help your colleagues and the organisation as a whole. It covers:
Getting Securely Connected - VPNs, updates, Wi-Fi and more
Keeping Data - file sharing and back ups
Destroying Data - both digital and paper
Protecting Credentials - passwords, password managers and two-factor authentication
Staying Savvy - social engineering and awareness-raising
We're not asking for your contact details, or anything else, in exchange. We just want to help. Feel free to share it with anyone who may be interested or who may benefit from the advice.
Many others in the cyber security community are also sharing resources and removing the cost of some of their products to help at this difficult time. We are not endorsing these products or services, simply sharing the information in case it helps you:
The UK National Cyber Security Centre (NCSC) has also published a blog post that covers advice on how to prepare your organisation and staff work from home, which you can read here.
The wonderful team at Beauceron have generously provided a selection of free resources to help businesses secure their teams working remotely, including a LMS course (Scorm 1.2 format) and customisable PowerPoint presentation. Access these free resources and see their guidance on working from home here.
An incredible offer from SANS - they have released a huge portion of their commercial awareness materials for free to help organisations secure their home workforce. Check out this SANS webpage to download their resources, suitable for whether your organisation is large or small.
Another generous offer, this time from the password manager provider 1Password - they are making their 1Password Business free to use for six months, which they explain in this blog post.
Trend Micro are offering 6 months free access to Trend Micro™ Maximum Security to organisations with staff currently working from home using their personal computers, with more information here.
Proofpoint have published some information on scams and attacks they are seeing that are seeking to take advantage of the COVID-19 crisis, outlined in this blogpost. You may want to share this information with colleagues as part of your awareness-raising, to help them stay secure at home as well as at work.
Sean Wright has correlated a list of offers from companies who are providing free access to services that are usually paid-for, so it's worth keeping an eye on this blog post here.
John Scott has shared a post about working from home with advice for staff, which includes thoughts on physical and mental well being, as well as digital well being. Read John's post here.
Cyber Management Alliance have published a free remote working cyber security checklist to help organisations adjust to people working from home, which is freely available here.
It is upsetting (if, sadly, not surprising) that criminals are taking advantage of this pandemic, but it is uplifting to see the cyber security community share information and resources to help us all stay informed.
Stay safe and well, from all of us at Cygenta 💜