Securing Your Organization From Email Attacks During COVID Pandemic
During the last several months COVID-19 has brought major changes to our work force, altering the work habits of most Americans for the time being. In fact, according to the SHRM Business Index, work at home has increased from 7% to over 60% in just a few months.
These uncertain times have turned office based employees to remote workers and has now introduced new security challenges. Research by Barracuda has found that spear phishing attacks have increased exponentially since the start of the COVID-19 outbreak. In fact according to the FBI's Internet Crime Complaint Center (IC3) , cybercrime cost $3.5 billion in losses in 2019 alone, with business email compromise causing the most damages.
Organizations must not only be educated on the 13 email threat types, but must also seek email cyber-security solutions to combat these threats. Here are 3 steps that organizations can take right now to reduce risks posed by email cyber criminals in the second half of 2020.
Audit your Microsoft O365 Tenant Security
An audit of your current Microsoft Office 365 email security is time very well spent. Often, when we initially get involved with client O365 services, we discover that the O365 tenant settings have not been reviewed by the tenant owners. Microsoft security settings include alerts, permissions, data governance and reporting that help you secure your email services. We help guide our clients through these settings to find the right balance of security and productivity.
- Review your O365 security rules that govern basic security for the service.
- Check how many administrators you have in your organization that can make changes (the fewer the better)
- Ensure that all IT personnel authorized to make changes uses a domain admin password, instead of their personal credentials
- Prevent any rule change originating from a source address outside of your domain (this is a common way for criminals to initiate account takeovers).
Build an Organization Compliance Document
This document should provide the framework for how employees handle, share, and store sensitive data within your organization. The policy document should address password management systems, password policies, how frequently data is backed up, and acceptable use policies for both company owned and employee owned devices, applications, and services. For some templates to start your policy please click the button below.
Focus on Strong Protection and Monitoring Remote Workers
Post COVID-19, cyber criminal groups have shifted their attention to remote workers as soft targets. Criminals look to exploit easy to guess passwords without additional authentication through brute force techniques. Once they have access, they can elevate their rights to admin level and uninstall security solutions and then run ransomware to encrypt organization data. A proper defense is to block external geo’s and require multi-factor authentication from your remote workers. The addition of a A/D monitoring solution will also provide visibility in real time of criminals that elevate privileges to start attacks.