Small and Medium Businesses (SMBs) are normally on the front lines of the battle against cybercrime. With fewer resources to invest in cybersecurity, they are considered easy targets for exploitation. Close to 30% of these businesses experience a cyberattack at least once per week.
Your business’ security program must start with your employees and strong security policies supported by, rather than entirely depending on, your IT team and the latest security technologies.
Over the preceding number of years, it wasn’t that surprising to see several tech companies, and even a number of non-tech companies reducing their office space and moving to full or partial remote work setups.
In IT, the principle of least privilege (PoLP) refers to the concept that any process, program or user must be provided with only the bare minimum privileges (access or permissions) needed to perform a function. For instance, if a user account has been created for accessing database records, it need not have admin rights. Also, a programmer responsible for updating lines of legacy code can do so without access to the company’s financial records.
PoLP is a cybersecurity best practice and often considered a critical step for protecting privileged access to a businesses’ high-value assets and data (including customer/employee records). Since this principle extends beyond the scope of human access, it is also applicable to systems, applications and connected devices that require certain permissions or privileges to perform a task.
What Least Privilege is Used For
Did you know that two of the most infamous data breaches on record, namely the ones at Home Depot[i] and Target[ii], occurred due to a compromise of their network credentials? In both the cases, hackers used privileged accounts to access critical business data and private records of customers. Taking a cue from these breaches in the past, you need to understand that whoever is looking after your IT must deploy security strategies for users and applications that perform critical functions within the network. It’s not enough to just put up protections to stop cybercriminals from getting in, you must prepare for the eventuality that they might, and limit the harm that each user profile might be capable of doing.
Can you imagine logging into your system to access your business data and being unable to do so? Talk about your worst nightmare coming true!
IT demands have skyrocketed since the onset of Covid-19, often completely overwhelming the capacity of existing teams that typically operate with maximum productivity. Setting up employees to work from home has many technical and security hurdles. Stacking that task on top of regular maintenance and support activities left IT departments grasping at straws, forcing some to deploy insecure workarounds to try and best accommodate business activity under intense time constraints.
With the uncertainty that has arisen with COVID-19 in regards to our health and the economy, we want you to know that Keeran Networks is here for you.
This is a re-sharing of an article I created for LinkedIn about a week ago that has only continued to gain more relevance. I hope that as information spreads we can hopefully limit the havoc that these bad-actors continue to unleash.
I'm seeing a lot of phishing emails around COVID-19 / the coronavirus. It's disappointing but expected that cybercriminals know that we are looking for information and answers to guide us through the confusion, anxiety, and uncertainty of what to do next. Be careful not to become a victim of these honed phishing campaigns around some "COVID-19 update" or "current coronavirus news". The last thing a small business needs right now is to lose files or financials to these kind of people, so here are a few quick tips.
1) Be especially wary of emails pretending to be from the CDC, WHO, or other government agencies. Try and find the information by searching for it on their website rather than clicking links emailed to you. Even links that appear valid according to their text may be hyperlinked to a completely different location when followed.
2) Keep an eye out for spelling errors and inconsistencies in the subject line and the from line (or domains that don't look legitimate). Read the entire email address to ensure it's coming from the source you think it is. There are cases of cybercriminals pretending to be internal HR members directing staff to click a link to view updated policies, and are instead directed to a malicious website.
3) Do your homework before donating to a cause. We're at our best when we decide that we will pull together to support each other in trying times, but some will look to take advantage of that instinct.
ArsTechnica put together a great article that's worth a read as well, I've linked to it here. Or better yet, maybe search "ars technica covid 19 phishing" and start practicing Tip #1 now!
Stay safe out there, in every way possible.
Cloud is not going to recede in importance anytime soon.
