You have probably heard of this interesting virus affecting people in other countries. However, have you considered the organizational impact Coronavirus may already have on your business today? What about when, not if, it proliferates in the United States? All major publications and news outlets – the New York Times, The Wall Street Journal, CNBC, etc. – have been reporting on the virus, but they aren’t really speaking to the impact it has on your business, nor to how you can prepare for future setbacks. We’ve seen investors, the stock market, and US and international conferences and trade shows already suffering, so let’s focus on how your business should prepare for what is to come.
The Center for Disease Control (CDC) is already outlining pandemic planning and asking the public to prepare themselves. The World Health Organization (W.H.O.) was cited stating that the “world is not ready”. This virus, known as COVID-19, is highly contagious and deadly, which is forcing governments, and even small-city cruise ships, to respond with mandatory quarantines of the general population in the areas where it is known to exist. Now think about your organization: where are your physical facilities (corporate, manufacturing, engineering, development, etc.), employees, vendors, partners and clients? Could external factors like supply chain or contractors contribute to potential business disruption? If one of these areas were to go under quarantine, what have you proactively put in place to ensure sustained business continuity?
Many organizations’ processes and applications are already accessible from anywhere, or are at least moving in this direction, while some justifiably haven’t transitioned to the cloud, or even made their physical data centers cloud-like yet. Some leverage the cloud in a private (Private Cloud) architecture for various reasons, while others are going with a hybrid model or even a cloud-first or cloud-only strategy. Regardless of how you are built, is your environment accessible to your employees on a need-to-know basis? With the looming potential of remote work due to sickness or outbreak, organizations should consider creating contingencies for employees to work from home rather than at their desks. Does your staff have the resources, licenses, processes, bandwidth and support structure to accommodate this hypergrowth and mass use by an emergency mobile/remote workforce?
How do I prepare for a mobile workforce?
To start, your organization should consider accessibility to ensure productivity is maintained. Consider what is actually at one’s desk. The use of thin clients, like Citrix or VMware Horizon, is a very popular method of virtualizing the office computer for employees, whether inside or outside a corporate facility. If a technology like this isn’t in place, consider looking at it quickly. If you do have this in place and just need to expand further with alternatives on the remote/client side, consider a software-based solution like IGEL to turn any machine into a thin client.
Next you’ll want to consider the security implications of this temporary work circumstance. While remote connectivity has its advantages, it can also expose an organization to a whole new attack vector. If remote access is properly architected, implemented and maintained with security in mind, your organization can eliminate or lessen the associated vulnerabilities and risk.
Some areas to consider, whether for this potential pandemic or for general organizational technical cybersecurity hygiene, are as follows.
Identity – Consolidate user directories and accounts, govern access, separate and shelter privileged access, implement multi-factor authentication in a dynamic and conditional manner, and leverage User Behavior Analysis (UBA) to identify abnormal or malicious behavior.
Zero-Trust – “Never trust, always verify”: ensure identity, validate application access permissions, understand security posture, segment/micro-segment the data center’s network, hosts (virtual or not) and other assets, ensure lateral inspection and control, and leverage Entity User Behavioral Analysis (EUBA) and Network Traffic Analysis (NTA) to identify abnormal or malicious behavior.
Data Governance – There are many cybersecurity technologies that ensure security nearest to the data. Leverage database activity monitoring solutions for auditing, confirm data access at the field level, implement Machine Learning (ML) to engage quick sanding to prevent malicious access, data leakage and mass encryption, and use tokenization and encryption for databases at the field level and in transit.
Threat Landscape – Understand your organization’s vast exposure and internet presence, and monitor it for changes and adversarial mimics, including deep and dark web monitoring. While this may not be as important as other areas during this time, it’s important to know your organization’s assets, IP addresses, applications, locations, implementations, intellectual property, etc. If your organization is in the cloud, use a Cloud Workload Protection Platform (CWPP) to continuously assess your cloud posture and areas of concern.
Endpoint Security – Don’t rely on the operating system’s native security controls alone. Instead, leverage multiple tools and techniques to identify, protect, detect, respond and recover. Ensure secure communication channels are always used, avoiding opportunistic options to the detriment of security.
Security Awareness Training – If you’re not doing this, start. If you are, you may want to ramp this up to reinforce its importance in times like these. The situation is already not normal, so inbound calls or emails from the adversary could elicit activity which may now seem warranted.
I’ve only highlighted some cybersecurity areas that your organization should take into consideration. Sayers believes in balancing efforts in the areas of People, Process and Technology. I would highly recommend speaking with our team of architects, engineers and consultants, available remotely via webinar and conference bridges if desired, about Business Continuity (BC), Disaster Recovery (DR) and Incident Response (IR). We perform extensive assessments and workshops in these areas to gauge your level of preparedness and how comprehensively you cover various scenarios and circumstances, even those of pandemic proportions like the coronavirus.