The full impact of the COVID-19 coronavirus remains unknown, but its potential to disrupt our business, our government and our general health is enormous.
Even if the potential is never realized, IT managers and departments need to prepare contingency plans to deal with possible transitions and recognized threats.
On the CDC’s website, if you click on “Steps to Prevent Illness,” you’ll be greeted with bold text that declares “the best way to prevent illness is to avoid being exposed to this virus.”
In other words, stay home.
While it seems like a huge inconvenience for many, the digital transformation allows many businesses to consider remote work for their employees. However, many of our remote access systems were likely created with the remote worker as the rare exception, not the standard.
TechTarget notes that a typical remote work policy expects to support only 10% or 20% of the employees working remotely at any given time. Switching to 100% remote work will quickly overwhelm the existing infrastructure, and result in restricted bandwidth, difficulty making and maintaining connections, and a generally rotten experience.
In order to handle the increased need for remote access, there are two general tactics to use:
- Increase capacity
- Decrease demand
Let’s break those down.
To increase capacity, you’ll need to increase licenses and network ports for remote access, and increase bandwidth to support users.
TechTarget recommends contacting vendors for emergency equipment and licenses, asking ISPs and WAN services for traffic surge options, and even adding secondary suppliers for additional resources (bandwidth, equipment, etc.).
Or, you can maximize the current capacity through existing options that aren't always enabled. For example, compressing data for transmission takes some time, but the decrease in overall bandwidth demand is a reasonable trade-off that allows more users to access systems simultaneously.
Similarly, it may be time to enable class of service (CoS) to prioritize certain types of network traffic more critical to the company, such as email and document transfer. Other types of traffic, such as voice (use cell phones) and streaming video (not typically critical, and often accessible outside the company network) may need to be denied entirely to preserve bandwidth.
Of course, the more your IT department plans ahead for events such as COVID-19, the better your pricing and the smoother the potential transition will be. Since most companies are still operating as normal, we have a small window for IT teams to reach out to executives to scope potential needs, and to line up specific resources.
Even though there may be a surge in remote work, not all of your remote access needs have to flow through a limited internal infrastructure.
The cloud is built to handle remote access at scale.
Various cloud-based resources exist, allowing employees direct access. Employees from different departments can create shared folders or documents that can be accessed remotely simply by logging into your portal.
For more sophisticated security needs, IT departments can set up their own cloud environments with resources that can be launched in an emergency situation, then taken down once the employees return to the office.
While it is not easy to convert all employees and applications to a cloud-based environment, shifting a large number of employees to the cloud will greatly improve the performance of your remote access experience for the remaining users.
Of course, even if your IT department can set up the access, doing so introduces a host of security issues.
In fact, we've already seen attackers trying to take advantage of the public concern over COVID-19.
On March 5, Forbes covered the appearance of a malware-laden phishing attack posing as advice and news regarding the coronavirus outbreak.
Thousands of domains are likewise being registered by both legitimate and black hat organizations trying to capitalize on the surge in web traffic.
However, this is just the latest in the ongoing onslaught of phishing attacks on organizations of all sizes. Last October, we provided an overview with tips for how organizations can limit the impact of phishing attacks.
However, as we pointed out last month, attackers who compromised one victim can now launch phishing attacks from within that company’s own domain. This also means that attackers can add malicious files to OneDrive accounts, and send links out via legitimate organizational email addresses as a means to compromise entire companies.
Most employees will click on an email from human resources with the subject: “Internal Coronavirus Announcement,” that links to a document within the company’s OneDrive account.
Similarly, phishing attacks designed to generate wire transfers can take advantage of the increased number of remote workers to push payments through.
Countering Phishing Attacks
How can these phishing attacks be countered?
- Multi-factor authentication
- Clearly Designated Communication Channels
- Enforced Policy
Only one of these solutions is technical, so every organization can easily adopt two of the three.
We highly recommend multi-factor authentication, primarily because it works. Even if a phishing attack manages to trick an employee into giving up his/her credentials on a fake website, multi-factor authentication forces attackers to work harder in order to gain access to your entire network.
At the very least, administrators, and employees with access to critical data, should always use multi-factor authentication. Phishing attacks rely on credibility to be successful, so an attack coming from the VP of human resources will have much more success than one from a marketing intern.
A clearly defined communication channel can also limit the success of internal phishing attacks by designating the authority figure in advance.
Designate a specific person (e.g., your COO) as the only person able to send future updates regarding the COVID-19 virus within the company. We also recommend exclusively using text-only emails regarding the coronavirus, with no links to documents or attachments, to reinforce that official emails do not include links.
Then, send out an internal notice to all employees, and have your managers follow up with oral instructions to reinforce that message:
- Misinformation can be dangerous and deadly
- Malicious attackers are trying to take advantage of people’s concerns
- The company will only use the official virus designation COVID-19 (phishers will use coronavirus)
- The company will have a single point of contact for official information
- Don’t click on or believe emails from anyone else
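The rules in this notice (one designated sender, text-only messages, the COVID-19 name) are mechanical enough to check in a mail triage script. The Python below is an added example, not part of the original article; the address `coo@example.com`, the function names and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical values for illustration; the article names no address.
OFFICIAL_SENDER = "coo@example.com"  # the single designated point of contact
TOPIC = re.compile(r"covid|corona\s*virus", re.I)
WRONG_NAME = re.compile(r"corona\s*virus", re.I)
URL = re.compile(r"https?://|www\.", re.I)

def body_text(msg):
    """Concatenate every text/* part (plain and HTML) for scanning."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            chunks.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    return " ".join(chunks)

def check_message(raw):
    """Return policy violations for a virus-related email ([] if compliant or off-topic)."""
    msg = message_from_string(raw)
    content = msg.get("Subject", "") + " " + body_text(msg)
    if not TOPIC.search(content):
        return []  # the policy only covers virus announcements
    findings = []
    # Exact address, not domain: a compromised in-domain account must not pass.
    if parseaddr(msg.get("From", ""))[1].lower() != OFFICIAL_SENDER:
        findings.append("sender is not the designated contact")
    if WRONG_NAME.search(content):
        findings.append("uses 'coronavirus' rather than COVID-19")
    if URL.search(content):
        findings.append("contains a link")
    leaves = [p for p in msg.walk() if not p.is_multipart()]
    if any(p.get_content_type() != "text/plain" for p in leaves):
        findings.append("not text-only (HTML part or attachment)")
    return findings

# Constructed sample messages (not real mail).
SAMPLE_OFFICIAL = ("From: COO <coo@example.com>\nSubject: COVID-19 update\n"
                   "Content-Type: text/plain\n\nOffices close Friday.\n")
SAMPLE_PHISH = ("From: HR <hr@example.com>\nSubject: Internal Coronavirus Announcement\n"
                "Content-Type: text/html\n\n<a href=\"https://example.com/doc\">Policy</a>\n")

if __name__ == "__main__":
    for name, raw in (("official", SAMPLE_OFFICIAL), ("phish", SAMPLE_PHISH)):
        print(name, check_message(raw))
```

The From header is forgeable on its own, so this check is only meaningful on mail that has already passed the gateway's sender authentication (SPF/DKIM/DMARC).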
This creates a policy that should minimize the effect of an internal or external phishing attack regarding COVID-19. But what about the attacks that try to circumvent approval processes for payments (checks, wire transfers, etc.), such as the one that Shark Tank host Barbara Corcoran recently suffered?
With workers transitioning to remote access, there will be no in-person check and balance to help offset the urgency an attacker will try to cultivate.
This is the time to double down on a policy that uses multiple forms of communication for verification. In case emails have been compromised, employees should use text messages, voice calls, Skype SMS, Slack, or other alternative means to verify that payments are legitimate.
While still not entirely foolproof, this policy will increase the number of systems an attacker must compromise in order to achieve success.
Will these steps completely prevent malicious attacks? Of course not.
As employees move to VPN or other remote access methods, our organizations become vulnerable to many other attacks. However, previous columns on Zero Trust and subnetting covered the most common issues – make sure to give them a read.
The Right IT Support
If your organization needs help preparing for remote work to combat COVID-19, Ideal Integrations and Blue Bastion are ready to discuss your options, plan your strategies, and help you execute a range of options.
From an emergency contingency plan to a full-blown transition to remote work for the company, we have in-house and partner solutions to fit a variety of needs and budgets.
We maximize your return on IT by providing solutions unique to your organization.