Art Sturdevant, Director of Operations at Censys
Tips that all businesses and employees should be taking:
- Easy Access to IT Help - Offer employees a direct path to IT and Security departments to get quick answers for issues that may not require a help ticket.
- Enable Remote Lock & Wipe - Employees need to know how to report a missing or stolen device as quickly as possible so that it can be locked or wiped remotely.
- Enable Automatic Screen Locks - Shorten the period of inactivity before a screen locks or the screensaver turns on, and require a password to use again.
- Enforce Automatic Updates - This one is absolutely essential for remote workforces. When updates are made available to an operating system, it’s only a matter of time before someone tries to exploit it. Avoid this by setting checking for software updates and security patches automatically.
- Update your Browser - Enforce the use of a strong, modern and up-to-date browser. It’s time to retire Internet Explorer and upgrade any legacy or out of date browsers. Encourage the use of HTTPS Everywhere, a free browser plugin that enables secure browsing by default.
- Create Application Block/Allow Lists - To avoid malware and cyberattacks, utilize programs that act as a gatekeeper so that only trusted software applications run on your devices. Provide teams with a list of approved browsers, devices and vendors for
file sharing, remote access, and more.
- Monitor On-prem and Cloud Services - As your workforce moves offsite, employees will begin using third-party services to store and share data. Some may create temporary servers and new assets in the cloud. These exposed cloud and on-premise services can expose your business to unwanted risk and unwanted visitors. It is critical to continue to monitor your external attack surface.