Securing devices for a challenge of a lifetime
In light of the current global situation, technology is replacing a number of real-life activities to help us through the unprecedented measures that have been put in place in response to the global COVID-19 pandemic.
As those transform their usual workplace office spaces into their kitchens, bedrooms and spare rooms, organizations need to invest in collaboration tools to enable remote workers to do their jobs securely. The new normal undeniably brings varying levels of risk, perhaps more so than ever before in terms of the possibility for business email compromise, data thefts and scams. Maintaining security is paramount as habits change and stay at home initiatives – intended to slow down the spread of the virus – continue across the globe.
Changing habits
As growing numbers of people social distance or self-isolate, global tech market advisory firm ABI Research estimates that Connected Home devices could see a 30% year-on-year sales surge in the coming months. With heightened use of connected devices due to the changing trends, the use of workplace collaboration tools such as Zoom and Microsoft Teams have increased dramatically and are allowing companies to adjust to the new normal. At the same time, social media and video calling services like FaceTime are allowing families to stay connected and video streaming services are providing some form of entertainment and a much-needed break from the news.
But the new normal introduces new unknowns, from bandwidth and remote access limitations to business email compromises. Although our traditional methods of business have been disrupted for now, this presents a golden opportunity for the hacker and workers need to be aware of attacker behaviour. For what could have been a chat in the office about a suspicious email, the communication barrier from home working means employees need to triple their efforts of security. Conference calls and virtual meeting are also on the rise. And while many of us have become security-conscious in our online interactions, virtual meeting security is often an afterthought.
By using the home network, this brings new vulnerabilities which are a prime target for attackers, as by connecting to a new location means devices do not have a support system like a corporate business network would. Not only this, workers are under intense pressure to get the job done with added distractions, such as trying to manage children, and will take short cuts to get as much done with less time. In some cases, a home PC may be used with a work USB, and this can lead to information hacking. As more time goes on, the attackers are getting smarter. The number one priority for organizations should allow workers to continue as normal, efficiently, safely and securely.
Stepping up protection
Devices are now under more threat than ever so protection needs to be stepped up too. A way this can be done is by increasing training for remote workers which in turn, enables user awareness. Having the knowledge to question browser pop ups could be make or break for an organization. More so, backups can happen and are especially important for remote workers, so a first priority for organizations is making sure this happens, so people can continue to do their job, for however long that may be, safely.
Unfortunately, if virtual meetings are not set up correctly, hackers might be able to eavesdrop or disrupt them. Using some basic precautions can help ensure that meetings are an opportunity to collaborate and work effectively, which include preventing the re-use of access codes, using a ‘waiting room’ option so you know who is entering the meeting, and considering limiting who can share their screen to avoid any unwanted or unexpected images or information. These are just a few options to consider for virtual meetings.
Secure devices for all
Fortunately, Trusted Computing Group (TCG) members are continuously working hard to mitigate the security risks that go along with the “new normal” that has emerged out of the pandemic. As a result, its members have already made significant progress on securing these devices, from the inside.
But, as many of the western countries have passed the peak of this pandemic, organizations are now seeking tightly regulated conditions and a realistic solution for the long-term. From the perspective of the Japan Regional Forum (JRF), a standard development Working Group, Trusted Comping Group specifications are needed to collaborate with government guidelines for a better-connected future.
Some of the recommendations from this perspective include using reliable and safer authentication to protect government data, such as strong password and multi factor authentication. With a wide range of security options on offer, TCG provides building blocks to create secure systems. The second step would be to implement Trusted Platform Modules (TPM) for device provision and will allow for a trusted relationship between interconnected devices. TCG protected devices provide hardware-based, embedded security subsystems based on TPM chips, which create reliable protections against these issues and enable truly cost-effective implementation.
One final message
Once the IT is set up and works well for the home office, and keeps your organization’s data safe, you may be tempted to put a tick next to ‘cyber security’ on your to-do list. It’s important to be aware of the potential risks every day, checking your devices are up to date, your antivirus is reporting everything green and your backups are current. These steps, along with TPM protected devices, will help prepare devices for a challenge of a lifetime.
*** This is a Security Bloggers Network syndicated blog from Trusted Computing Group authored by TCG Admin. Read the original post at: https://trustedcomputinggroup.org/securing-devices-for-a-challenge-of-a-lifetime/
