Cyber Security dos and don’ts during covid 19

Cyber security has been a matter of concern for organisations for a long time, and on top of that COVID-19 has brought a lot of challenges to achieving it.

The COVID-19 situation has compelled organisations and individuals to take up security measures like social distancing and remote working. Governments and civil administrations are coming up with new ways to ensure that their citizens remain hopeful and stable. New economic plans and relief packages have been announced by the government. While the world is focused on the health and economic threats created by COVID-19, cyber criminals all around the world are without a doubt taking advantage of this crisis.

There is a huge spike in phishing, ransomware and malware attacks, as attackers are using COVID-19 to lure employees and customers by impersonating government agencies, brands or any other important entity. Such attacks aim to infect more personal computers and phones. Attackers are targeting businesses as well as individuals by getting them to download ransomware disguised as legitimate applications.

Managing cyber security has become more challenging in the work-from-home scenario. The following are the dos and don’ts for employees and individuals.

DOs

  1. Use hard-to-guess passwords or passphrases. A password should have a minimum of 8 characters using uppercase letters, lowercase letters, numbers and special characters.
  2. Create an acronym. An acronym is easy for you to remember but hard for an attacker to guess. For example, pick a phrase that is meaningful to you, such as “My dad’s birthday is 12 December, 1975.” Using that phrase as your guide, you might use Mdbi12/Dec,75 for your password.
  3. DO change your password at regular intervals, within every 30 days. This will make it difficult for the hacker to use your cracked password.
  4. DO use different passwords for different accounts. If one password gets compromised, your other accounts are still safe.
  5. DO pay attention to the emails you receive: look out for phishing traps and watch for tell-tale signs of a scam. DON’T open mail or attachments from an untrusted source. Whenever you receive a suspicious email, the best thing to do is to delete the message and report it to your manager and Chief Information Security Officer (CISO)/designated security representative.
  6. DO change the default username and password of your Wi-Fi router; remember that wireless is inherently insecure. Avoid using public Wi-Fi hotspots. Use your organisation-provided virtual private network software to protect the data and the device.
  7. Always keep your system updated; install the updates pushed by your organisation.
  8. DO keep your passwords or passphrases confidential. Never share your passwords with others or write them down. You are responsible for all activities associated with your credentials.
  9. DO keep confidential papers in proper places at home and destroy them properly before putting them in the dustbin.
  10. DO destroy information properly, e.g. by shredding, when it is no longer needed.
  11. Always back up your critical data to the drives and locations provided by your IT team.
  12. Never turn off the antivirus system installed on your PC, and keep it updated.
  13. DO avoid printing confidential information outside personal printers. Always be aware of your surroundings when printing, copying, faxing or discussing sensitive information.
  14. DO keep your work devices either shut down or locked, including any mobile phones you use to check email or make work phone calls.
  15. DO report all cyber incidents and suspicious activity to your reporting manager and CISO/designated security representative.

DON’Ts

  1. DON’T leave sensitive information lying around the home if you live with roommates or young children.
  2. DON’T leave important printouts or portable media containing private information on your desk. Keep them in a safe place or drawer to reduce the risk of unauthorized disclosure.
  3. DON’T use your official laptops and desktops for personal work. Avoid accessing social networking sites via official systems.
  4. DON’T share any private or sensitive information, such as bank details, credit card numbers, passwords or other private information, on public sites, including social media sites, and DON’T send it through email unless authorized to do so. Always use privacy settings on social media sites to restrict access to your personal information. In a nutshell, avoid sharing too much personal information on social media.
  5. DON’T click on illegitimate links from an unknown or untrusted source. Cyber criminals often use them to trick you into visiting malicious sites and downloading malware that can be used to steal data and damage networks.
  6. DON’T use your private email address to send work-related emails, and vice versa. Not only does it look unprofessional, it also often exposes your official email to unauthorized users.
  7. DON’T share your confidential information with unauthorized persons over calls or mail. Voice phishing is a very easy way for an unauthorized person to call and pretend to be an employee or business partner.
  8. DON’T respond to emails and phone calls requesting confidential data.
  9. DON’T ignore patch installation warnings on your systems.
  10. DON’T install unauthorized software on your work computer; use only software authorized by your Information Technology department. Malicious applications often pose as legitimate software.
  11. DON’T plug in portable devices without permission from your Information Technology department. These devices may contain malicious code just waiting to launch as soon as you plug them into a computer.
  12. DO lock your computer (using Windows + L) and your mobile phone when not in use. This protects data from unauthorized access and use.
  13. DON’T leave devices unattended. Keep all devices, such as laptops and cell phones physically secured. If your official device is lost or stolen, report it immediately to your manager and ISO/designated security representative.
  14. DON’T leave wireless or Bluetooth services on laptops and mobiles turned on when not in use. Use a password for Bluetooth and wireless connections. Use these services only in a safe environment.
  15. DON’T use vulnerable video conferencing software.

Cyber security is a mutual responsibility of the organisation and its employees. Each and every individual plays a crucial role in safeguarding the organisation’s critical information assets. The current pandemic situation has of course increased the cyber security risk for the organisation; however, proper technology measures and security awareness among employees will certainly help to overcome these issues.
