How To Embrace [Remote Working For Security Teams]

The World has been so unfortunate over the past few days with Coronavirus COVID-19. Within a few weeks things have changed drastically around us starting from businesses to the lives of people.

“United Nations confirm that Coronavirus is likely to cost $1 Trillion”

One of the key measures to reduce the spread of the virus is Social distancing due to which many organizations are encouraging their staff to work from home and as an immediate measure.

Social distancing = The practice of maintaining a greater than usual physical distance from other people. Or of avoiding direct contact with people or objects in public places during the outbreak of the contagious disease. This is done to minimize exposure and reduce the transmission of infection.

Although it is preferable to create and establish clear remote work policies and training in advance of times of outbreaks, this level of preparation may not be feasible.

WFH + a scary pandemic ={ a target-rich environment for Hackers }

Security companies that monitor global threats have seen a spike in coronavirus themed attacks.

“Your Password is the first line of defense against hackers and unauthorized access so make it a good one.“

For instance - Checkpoint, a software threat intelligence services company reported 4,000 new coronavirus-themed domains registered since the 2nd week of January 2020.

ZDNet a popular technology and security forum reported several marketing campaigns with phishing emails and texts targeted towards sharing knowledge on COVID-19 .

These emails have got access to many critical and sensitive passwords of individuals across Europe and south-east Asia.

Our security team at Appknox has come up with few security precautions you should follow while working remotely which every security and technology team should consider implementing across their organizations to ensure a safe and secure environment.

“Information security means: Protecting information from unauthorized access to modify, alter from unknown sources---- 44 US code 3542.”

We assume that organizations have already created security to ensure the safety of employees but here are few standard security measures we highly recommend everyone to follow:

  • Avoid: Public Wifi
  • Use a Secure internet connection: Encrypt your internet communication using a secure VPN. Use a company listed VPN
  • Strong Password Management
  • Apply Cloud Security best practices
  • Establish Cryptographic identities
  • Update your Security policies to protect infrastructure and limit third party access to your infrastructure
  • Create a strong CI/CD flow: Strong CI/CD Flow ensures, good and safe code is deployed without any lapses
  • Protect your code base with high-level access restrictions
  • Use SSH keys for critical applications instead of passwords
  • Encrypt your cloud and perform a cloud assessment
  • Implement a clear remote working security policy
  • Don’t skip Software updates
  • Use MFA (Multi-factor Authentication)

Appknox CTA - Free Trial

 

Though organizations care and take necessary precautions somethings go beyond our hands and we need to act quickly with an immediate response and contingency plan.

Response Plan

  • Establish an internal communication system for everyone to report anything suspicious
  • Establish a live update channel to your users so they know what went wrong. Don’t leave them in dark
  • Do send regular updates once a day to your users about ETA‘s on Incident response actions
  • Seek help from the security community if needed. You’re not alone as there are hundreds of companies which get affected and someone might have a quick solution from their experience
  • Perform a postmortem analysis
  • Figure out what breached out and to what extent. Also how you can ensure that you don’t get hacked by setting up secured infrastructure

 

Tools that keep you safe and guarded while your security teams are working remotely

Managing a security team remotely is more tedious than managing any other teams in your organization.

These tools help you to manage your security team remotely whether your team member is half a mile across your home or halfway across the planet.

1Password for Teams

Using 1Password, you can create strong passwords that your team won’t need to remember, easily onboard new team members and see an overview of permissions.

Cloud9

Cloud9 holds your dev space in the cloud, combining a powerful online code editor with a full Ubuntu workspace in the cloud.

Azure active directory

Azure active directory helps in keeping your teams communication safe and secure from Phishing links getting circulated to your contacts which would lead users falling for a phishing .

Azure conditional access for Microsoft Azure cloud

While many employees have work laptops they use at home, it’s likely organizations will see an increase in the use of personal devices accessing company data.

Using Azure AD Conditional Access and Microsoft Intune app protection policies together helps manage and secure corporate data in approved apps on these personal devices, so employees can remain productive.

AWS Shield

AWS Shield is a managed DDoS protection service. Shield can protect EC2, Load balancers, CloudFront, Global Accelerator, and Route 53 resources. While DDoS protection may not seem revolutionary, consider that Amazon claims that 99 percent of all infrastructure flood attacks detected by shield are mitigated in less than one second on CloudFront.

Guard Duty

GuardDuty is a managed threat detection service that is simple to deploy and scales with your infrastructure. It will analyze logs across all of your accounts and services, making sure that nothing is left unprotected.

Amazon boasts that GuardDuty analyzes tens of billions of events across AWS — and leverages machine learning to ensure you get accurate and actionable alerts. There are very few other companies that can boast that kind of data set.

Macie

Macie is all about protecting data. It is a machine learning service that watches data access trends and finds anomalies to spot data leaks and unauthorized data access.

It can send all of its alerts to Cloudwatch to leverage all of the automation and custom alerting.

Scout suite

Scoutsuite is also an auditing tool. Scoutsuite is multi-platform tool which supports AWS, Microsoft Azure, and Google Cloud Platform for auditing cloud security issues.

Zed Attack Proxy (ZAP)

Developed by OWASP (Open Web Application Security Project), ZAP or Zed Attack Proxy is a multi-platform, open-source web application security testing tool. ZAP is used for finding a number of security vulnerabilities.

Wapiti

One of the leading web application security testing tools, Wapiti is free of cost, an open-source project from SourceForge and devloop. In order to check web applications for security vulnerabilities.

SQL Map

SQL Map allows the process of detecting and utilizing SQL injection vulnerability in a website’s database, SQLMap is entirely free to use

W3af

One of the most popular web application security testing frameworks that are also developed using Python is W3af.

Frida

Frida is a free dynamic security toolkit that enables software professionals to execute their own scripts in software that has traditionally been locked down;

Radare

Radare is a portable reversing framework that can disassemble (and assemble for) many different architectures, debug with local native and remote debuggers, run on multiple platforms, perform forensics on file systems and data carving, and much more.

 

Conclusion

There is no such thing as a 100% secure infrastructure or system. All that matters is how you ensure to keep your data and information safe with the best effort and technology making it hard for hackers to breach your systems.

These suggested security practices should make your systems hack-proof while your teams are working remotely.

 

Appknox - Talk to us

Published on Mar 23, 2020
Chaitanya GVS
Written by Chaitanya GVS
Chaitanya Heads growth and full-funnel user acquisition at Appknox.

Questions?

Chat With Us

Using Other Product?

Switch to Appknox

2 Weeks Free Trial!

Get Started Now