Manasi Saha, Founder and CEO, Macaws Infotech, outlines a security strategy and measures for enterprises that will ensure their safety during the COVID-19 crisis
As a security solution provider, how do you assess the current scenario where there is a complete lockdown and businesses are finding it difficult to maintain continuity of their operations?
These are tough times for the IT channel industry, including us as one of the security solution providers. In this time of crisis, enterprises should take the following suggestions into consideration:
- Set up your 2FA
- Preconfigure work-from-home arrangements
- Remember to back up data and encrypt your valuable data
- Limit the use of VPNs
- Use antivirus, either centralised or cloud-based
- Ensure phishing solution for email
- Proper deployment of firewall, WAF, load balancers, DDoS protection
- Use a ransomware protection
- Skilled manpower
While many organisations have steadily moved towards remote working, they have kept business continuity as their utmost priority. I believe if the customers take the following initiatives, it will really help them in maintaining the business continuity of their operations:
- Discuss the importance of online safety with everyone
- Secure authentication through VPN and Identity authentication
- Ensure bandwidth for users
- Regular check for production server
- All OS, applications should be patched up
- Only legitimate users should be allowed for the DC access
- Proper mailing security to be thought of with the rise of ransomware
- Proper assessments of the production servers, especially the ERP
- Thorough audits and health checkups to be done
- Compliance and remedial measures should be in place
- Time for more technical dig down
- Helpdesk should be available 24×7
- Ticketing system should be fast and accurate
With the sudden rise in cyber threats and attacks in this period, how are you ensuring your customers’ data is safe and helping them mitigate risks?
Risk is always a relative word in cyber security and it is measured by identifying the threats. Regular health checkups, proactive measures, usages of solutions such as cyber security for cloud / hybrid cloud / multi cloud architectures, and industry best practices as per the certification bodies or any other compliance guidelines should be followed.
The most important thing in security is PPT (People, Process and Technology). The most vulnerable part is people, and hence, organisations must ensure 24×7 security and surveillance, employ skilled manpower, implement cloud based or remote SOC, create awareness around vulnerabilities, conduct trainings at regular intervals, use advanced technologies such as EDR and implement XDR along with SIEM integration. This will help them safeguard against any type of attack as well as keep their data safe.
During this time of total lockdown, how are you ensuring 24×7 service and support to your customers?
This is not new to us. Before the lockdown was implemented, we used to provide remote support to most of our customers. Since a few of the media houses are our customers, our engineers work round-the-clock in shift duties to provide them the remote support.
In the current scenario, we are not facing any kind of problems as a security solution provider. We always strive to maintain trustworthy relationships with our esteemed customers and they also fully co-operate with our technical team. Having the presence of an experienced technical team as well as a cyber security expert helps us in serving our customers.
Soon we will witness business models changing, wherein there will be far more remote workers in any organisation. In such a scenario, what are the best cyber security practices that your customers should adopt? How would you, as a security solution provider, complement in such a scenario?
Companies have, until now, invested mostly to strengthen their offices with firewall, backup solutions, and done patch management among other measures. Most of the MSMEs are not ready to face cyber security threats for their remote workers. There is no firewall, employees are using their own devices which are unprotected, backup is being taken only on cloud, network is unprotected without full tunnel VPN, software codes can be downloaded to their machines, etc.
There have also been instances where the employees have shifted to their native places, which are so remote that they may not have uninterrupted electricity supply or internet during office hours. In such cases, companies should adopt:
- Strong BYOD, CYOD (choose your own device) policy, teleworking policy
- Remote desktop is a good concept to adopt, where entire work is done on AWS or Azure cloud workstations provided by VMware and Citrix
- Backup should be on cloud
- End point should have strong AV and latest patch so that key-loggers or Trojans are well detected
- Entire communication should be on VPN to avoid interception or sniffing
- Use technologies like Office 365 / Teams, GSuite, Webex, GotoMeeting for enhanced productivity. All these tools have equivalent open source tools which can help to reduce cost
- Employee monitoring tools available in the market can enhance both security and productivity
- Awareness should be given to employees as they are on their own. Now self-awareness can only keep them secure rather than being monitored by their office
- Companies must know the vulnerabilities of tools which they are forced to use. For example, Zoom is affected by a critical security bug, which needs to be patched immediately
- Company should implement BCMS (Business Continuity Management System) and get certified for ISO 22301. This will do a health check of the companies’ readiness against outages