SlideShare a Scribd company logo

IET India cybersecurity advisory: security practices for remote working

IET India
IET India

We are living in a heightened time of cyber risk. Organisations are still operational by allowing their employees to work from home. Cybercriminals have started taking advantage of public fear to generate coronavirus themed phishing attacks. We should be aware of COVID-19 tagged emails with misleading links or attachments. The IET’s Cybersecurity working group has put together some best practices to be followed at this crucial time to safeguard employees and as well as organisations that are navigating the new order of remote working. Read ahead to know steps that both organisations and individual employees can undertake to do their bit to secure their enterprise data.

Technology
1 of 6
Download to read offline
India Advisory Notes Remote working in the times of a pandemic Security practices: For employees and organisations
2 | P a g e About us The IET is one of the world’s largest professional societies for engineers, headquartered in the UK. Soon to turn 150 years, the IET works closely with industry, academia and government in its mission to engineer a better world. In line with this, the IET also has specific global initiatives around key sectors that are relevant to solving problems that impact the society at large. In India, the IET has over 13,000 members and has wide ranging activities in alignment with the overall global IET strategy that also includes sector focus in areas such as Future technologies. Future of Mobility and Transport, as well as the Future of Work. Eminent engineers like Shri Ratan Tata, Former Chairman Tata Sons, N R Narayana Murthy, Chairman Emeritus, Infosys and T V Ramachandran, President, Broadband India Forum (Ex-Resident Director, Vodafone) are Honorary Fellows of the IET. With our members, we are driving innovation and change in the fields of engineering and technology. We research, investigate, review and analyse the industry’s challenges, proposing solutions that will have a significant impact on the world for years to come. This advisory note is part of a series, put together by the IET’s expert volunteers in India in the backdrop of the global pandemic brought about by Covid-19. In this paper, experts from our Cybersecurity Working group detail how employees and organisations should conduct themselves while working remotely. Read more about our Future Technology focus as well as our panels here: https://india.theiet.org/innovation-knowledge/. To become a volunteer and to contribute, please write to us at sectors@theiet.in Disclaimers This document is owned and maintained by the Institution of Engineering and Technology, India and the design of the document is © IET India 2020. The information contained in this document should not be interpreted as a representation of the views of the IET, nor should it be assumed that it reflects any of its current or future policy. The information cannot supersede any statutory or contractual requirements or liabilities and is offered without prejudice. While the authors, publisher and contributors believe that the information and guidance given in this work are correct, all parties must rely upon their own skill and judgement while making use of them. Neither the authors nor the publishers assume any liability to anyone for any loss or damage caused by an error or omission in the work, as a result of negligence or any other cause.
3 | P a g e Introduction We are living in a heightened time of cyber risk. Organisations are still operational by allowing their employees to work from home. Cybercriminals have started taking advantage of public fear to generate coronavirus themed phishing attacks. We should be aware of COVID-19 tagged emails with misleading links or attachments. The IET’s Cybersecurity working group has put together some best practices to be followed at this crucial time to safeguard employees and as well as organisations that are navigating the new order of remote working. 24x7 uptime and connectivity Due to the current situation, companies and schools have planned for distance learning and work-from-home setups. Though employees have started using the work-from-home options, are the industries belonging to various sectors, including PSUs and private companies prepared for this heavy influx of remote workers? Organisations should conduct an exercise with their senior leadership teams and business unit heads to list their critical business applications that will be accessed the most by the employees. For cloud applications. Technology heads will have to work with cloud service providers and get a hang about their business continuity plans. Employers should ensure, by testing and validating the proper VPN connectivity for higher utilisation than usual. For enterprises with high-cloud reliance (e.g., an extension of capacity, native cloud systems), select cloud provider who has point-of- presence in the geography where majority of the employees are present and provide network path redundancy. Timely backup One crucial element in these times, more important than ever, is data backup. In these times of the pandemic, employees from various operational units are using their laptops, desktops, etc. In most of the cases, they either save their documents locally on to these systems (for example, as a PDF file or MS office document) in an unencrypted format. This is an issue, from a legal and compliance perspective. In case of a cyberattack, they may also lose their data. Therefore, employees who are working remotely, should back their data up in a timely manner to remain unaffected in case of a cyberattack where they may compromise their valuable data. Access Control Policy Financial services organisations, in a bid for business continuity to clients, may have to provide right of access to employees via remote access. Usual practices like password protection or data encryption may no longer suffice to counter smart data theft. Hence, access control policies should be implemented and updated at various entry points of the organisation. Also, the organisation can contain a potential attacker’s path to crucial data and assets by limiting user access and privileges to the information and tools needed for the employees to perform their immediate role.
4 | P a g e Enhance the security of BYOD Employees working from home for the first time will potentially use desktop computers, laptops, tablets, and smartphones that are not protected to the same level as workplace devices. They should consider using additional risk reduction measures like document and file encryption, VPNs, regular scanning, and other best practices to lower the potential for business intellectual property or financial theft. Employees should secure home Wi-Fi by selecting the most reliable security protocol, changing the Wi-Fi password often, and use MAC filtering, which can be done by logging into the router as admin. Beware of phishing scams and other targeted attacks Recently, cases where attackers leveraging coronavirus-themed cyberattacks and phishing emails masked as sensationalised Covid-19 news or charity pleas have been on the rise. Fake applications like Corona live 1.1 have also been reported. Malware attackers are targeting masses using custom and unique remote-access trojan attacks that steal user information. Employees must consciously maintain security best practices while browsing the web. They should be more cautious about visiting sites while in session with the enterprise web site. Concerned departments and ministries should spread public awareness about these kinds of attacks to save people from being compromised at this crucial time. Enterprises can keep communicating employees through awareness campaign that reminds them of various social engineering attacks. Regular Software Update One of the main issues with most of the organisations operating in these crucial times both PSUs and private enterprises is that they use legacy systems, proprietary software, and software that may not be have been patched. Hence, enterprises need to update their software regularly to keep employees protected in such times, failing which, they will have to battle unproductivity and negative experiences of employees. Enterprises must be on top of threat intelligence and push patches at the earliest while employees must update with the latest patches of the base platform software being used. Conclusion We are currently in what can be called the largest remote working experiment in the history of mankind. Both organisations and employees are learning to work in this new world of work and figuring out the best ways to keep their data safe while minimising disruption and delivering outputs. The lockdown has brought to fore, the need for IT teams to be more vigilant, effective and frequent communications with business leaders and their IT teams and seamless communication with the staff team to ensure compliance.
5 | P a g e
6 | P a g e Contributors Anand Handa Member – IET Cyber Security Working Group Project Executive Officer, Interdisciplinary Centre for Cyber Security and Cyber Defence of Critical Infrastructures, Department of Computer Science and Engineering, Indian Institute of Technology, Kanpur Arnab Chattopadhyay Member – IET Cyber Security Working Group Associate Director, IBM Advisor Arvind Tiwary Chairperson – IET Cyber Security Working Group Chair, TiE IoT Forum If you have a question or query, please feel free to reach out to us at sectors@theiet.in. Read more about our work at india.theiet.org

Recommended

ZS Infotech v1.0
ZS Infotech v1.0ZS Infotech v1.0
ZS Infotech v1.0Muhammad Zubair
 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)Rohana K Amarakoon
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
 
Security in IT (data and cyber security)
Security in IT (data and cyber security)Security in IT (data and cyber security)
Security in IT (data and cyber security)Rohana K Amarakoon
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
Seclore Corporate Profile
Seclore Corporate ProfileSeclore Corporate Profile
Seclore Corporate Profilepatelhiranya
 
08 pdf show-239
08 pdf show-23908 pdf show-239
08 pdf show-239#TheFraudTube
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 

Recommended

ZS Infotech v1.0
ZS Infotech v1.0ZS Infotech v1.0
ZS Infotech v1.0Muhammad Zubair
 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)Rohana K Amarakoon
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
 
Security in IT (data and cyber security)
Security in IT (data and cyber security)Security in IT (data and cyber security)
Security in IT (data and cyber security)Rohana K Amarakoon
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
Seclore Corporate Profile
Seclore Corporate ProfileSeclore Corporate Profile
Seclore Corporate Profilepatelhiranya
 
08 pdf show-239
08 pdf show-23908 pdf show-239
08 pdf show-239#TheFraudTube
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Enterprise it consumerization survey
Enterprise it consumerization surveyEnterprise it consumerization survey
Enterprise it consumerization surveyAndrew Wong
 
How To Do BYOD Right
How To Do BYOD RightHow To Do BYOD Right
How To Do BYOD RightRapidScale
 
BYOD- A Productivity Catalyst
BYOD- A Productivity CatalystBYOD- A Productivity Catalyst
BYOD- A Productivity CatalystPacket One
 
ICISS Newsletter Sept 14
ICISS Newsletter Sept 14ICISS Newsletter Sept 14
ICISS Newsletter Sept 14Capt SB Tyagi, COAC'CC*,FISM,CSC,
 
Employment
EmploymentEmployment
EmploymentZenaTaha
 
OC CIO Roundtable BYOD
OC CIO Roundtable BYODOC CIO Roundtable BYOD
OC CIO Roundtable BYODJim Sutter
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelBDPA Education and Technology Foundation
 
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...subramanian K
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaJim Kaplan CIA CFE
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelCSCJournals
 
Business ethics ppt
Business ethics pptBusiness ethics ppt
Business ethics pptWulax37
 
Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010thaiantivirus
 
Intel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthIntel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthrcnossen
 
Advanced Network Security with Netmagic – Netmagic
Advanced Network Security with Netmagic – NetmagicAdvanced Network Security with Netmagic – Netmagic
Advanced Network Security with Netmagic – NetmagicNetmagic Solutions Pvt. Ltd.
 
CS-LRC-0114
CS-LRC-0114CS-LRC-0114
CS-LRC-0114Jason Dear MBCS
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfInfinityGroup5
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report SummaryAccenture Technology
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksHokme
 
Securing the digital economy
Securing the digital economySecuring the digital economy
Securing the digital economyaccenture
 

More Related Content

What's hot

Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Enterprise it consumerization survey
Enterprise it consumerization surveyEnterprise it consumerization survey
Enterprise it consumerization surveyAndrew Wong
 
How To Do BYOD Right
How To Do BYOD RightHow To Do BYOD Right
How To Do BYOD RightRapidScale
 
BYOD- A Productivity Catalyst
BYOD- A Productivity CatalystBYOD- A Productivity Catalyst
BYOD- A Productivity CatalystPacket One
 
Employment
EmploymentEmployment
EmploymentZenaTaha
 
OC CIO Roundtable BYOD
OC CIO Roundtable BYODOC CIO Roundtable BYOD
OC CIO Roundtable BYODJim Sutter
 
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...subramanian K
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaJim Kaplan CIA CFE
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelCSCJournals
 
Business ethics ppt
Business ethics pptBusiness ethics ppt
Business ethics pptWulax37
 
Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010thaiantivirus
 
Intel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthIntel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthrcnossen
 
Advanced Network Security with Netmagic – Netmagic
Advanced Network Security with Netmagic – NetmagicAdvanced Network Security with Netmagic – Netmagic
Advanced Network Security with Netmagic – NetmagicNetmagic Solutions Pvt. Ltd.
 

What's hot (18)

Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environment
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's Enterprise
 
Enterprise it consumerization survey
Enterprise it consumerization surveyEnterprise it consumerization survey
Enterprise it consumerization survey
 
How To Do BYOD Right
How To Do BYOD RightHow To Do BYOD Right
How To Do BYOD Right
 
BYOD- A Productivity Catalyst
BYOD- A Productivity CatalystBYOD- A Productivity Catalyst
BYOD- A Productivity Catalyst
 
ICISS Newsletter Sept 14
ICISS Newsletter Sept 14ICISS Newsletter Sept 14
ICISS Newsletter Sept 14
 
Employment
EmploymentEmployment
Employment
 
OC CIO Roundtable BYOD
OC CIO Roundtable BYODOC CIO Roundtable BYOD
OC CIO Roundtable BYOD
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive Panel
 
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
Iob gm's lecture 7th jan 2014 GRC and corporate governance in Financial serv...
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment Model
 
Business ethics ppt
Business ethics pptBusiness ethics ppt
Business ethics ppt
 
Security annual report_mid2010
Security annual report_mid2010Security annual report_mid2010
Security annual report_mid2010
 
Intel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthIntel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealth
 
Advanced Network Security with Netmagic – Netmagic
Advanced Network Security with Netmagic – NetmagicAdvanced Network Security with Netmagic – Netmagic
Advanced Network Security with Netmagic – Netmagic
 
CS-LRC-0114
CS-LRC-0114CS-LRC-0114
CS-LRC-0114
 

Similar to IET India cybersecurity advisory: security practices for remote working

Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfInfinityGroup5
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report SummaryAccenture Technology
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksHokme
 
Securing the digital economy
Securing the digital economySecuring the digital economy
Securing the digital economyaccenture
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet accenture
 
Module 1 / Unit 5 Digital Cybersecurity
Module 1 / Unit 5 Digital Cybersecurity Module 1 / Unit 5 Digital Cybersecurity
Module 1 / Unit 5 Digital Cybersecurity SMKCreations
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-securityskumartarget
 
BYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in PakistanBYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in PakistanShuja Ahmad
 
Networking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile WorkersNetworking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile WorkersEric Wong
 
UCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxUCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxucisa
 
Enable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplaceEnable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplaceNeetaSahay1
 
B Distributed Workforce Management In The Cloud Wp.En Us
B Distributed Workforce Management In The Cloud Wp.En UsB Distributed Workforce Management In The Cloud Wp.En Us
B Distributed Workforce Management In The Cloud Wp.En UsVishal Shah
 
A Business-Driven Approach to Mobile Enterprise Security
A Business-Driven Approach to Mobile Enterprise SecurityA Business-Driven Approach to Mobile Enterprise Security
A Business-Driven Approach to Mobile Enterprise SecurityТранслируем.бел
 
How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19Dharmendra Rama
 
Evolution of IT outsourcing.pdf
Evolution of IT outsourcing.pdfEvolution of IT outsourcing.pdf
Evolution of IT outsourcing.pdfMindfire LLC
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)Pace IT at Edmonds Community College
 

Similar to IET India cybersecurity advisory: security practices for remote working (20)

Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report Summary
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
Securing the digital economy
Securing the digital economySecuring the digital economy
Securing the digital economy
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
 
Module 1 / Unit 5 Digital Cybersecurity
Module 1 / Unit 5 Digital Cybersecurity Module 1 / Unit 5 Digital Cybersecurity
Module 1 / Unit 5 Digital Cybersecurity
 
The Insider Threats - Are You at Risk?
The Insider Threats - Are You at Risk?The Insider Threats - Are You at Risk?
The Insider Threats - Are You at Risk?
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-security
 
BYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in PakistanBYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in Pakistan
 
Networking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile WorkersNetworking Plus December 2014: Connecting Mobile Workers
Networking Plus December 2014: Connecting Mobile Workers
 
Leveraging byod
Leveraging byodLeveraging byod
Leveraging byod
 
Policy for PDO
Policy for PDOPolicy for PDO
Policy for PDO
 
UCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxUCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptx
 
Consumer tech invasion
Consumer tech invasionConsumer tech invasion
Consumer tech invasion
 
Enable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplaceEnable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplace
 
B Distributed Workforce Management In The Cloud Wp.En Us
B Distributed Workforce Management In The Cloud Wp.En UsB Distributed Workforce Management In The Cloud Wp.En Us
B Distributed Workforce Management In The Cloud Wp.En Us
 
A Business-Driven Approach to Mobile Enterprise Security
A Business-Driven Approach to Mobile Enterprise SecurityA Business-Driven Approach to Mobile Enterprise Security
A Business-Driven Approach to Mobile Enterprise Security
 
How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19How to secure your enterprise data during Covid-19
How to secure your enterprise data during Covid-19
 
Evolution of IT outsourcing.pdf
Evolution of IT outsourcing.pdfEvolution of IT outsourcing.pdf
Evolution of IT outsourcing.pdf
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
 

More from IET India

Digital twins for secure, green and healthy future cities
Digital twins for secure, green and healthy future citiesDigital twins for secure, green and healthy future cities
Digital twins for secure, green and healthy future citiesIET India
 
Leveraging blockchain to transform rattled supply chains
Leveraging blockchain to transform rattled supply chainsLeveraging blockchain to transform rattled supply chains
Leveraging blockchain to transform rattled supply chainsIET India
 
Ventilator tracking for Covid-19 preparedness
Ventilator tracking for Covid-19 preparednessVentilator tracking for Covid-19 preparedness
Ventilator tracking for Covid-19 preparednessIET India
 
Electric vehicle charging infrastructure in India: Challenges and road ahead
Electric vehicle charging infrastructure in India: Challenges and road aheadElectric vehicle charging infrastructure in India: Challenges and road ahead
Electric vehicle charging infrastructure in India: Challenges and road aheadIET India
 
Resetting urban mobility 2020+ in India
Resetting urban mobility 2020+ in IndiaResetting urban mobility 2020+ in India
Resetting urban mobility 2020+ in IndiaIET India
 
Learning and Skilling - A Future Work Perspective
Learning and Skilling - A Future Work PerspectiveLearning and Skilling - A Future Work Perspective
Learning and Skilling - A Future Work PerspectiveIET India
 
Enabling Indian manufacturing MSMEs for global competitiveness
Enabling Indian manufacturing MSMEs for global competitivenessEnabling Indian manufacturing MSMEs for global competitiveness
Enabling Indian manufacturing MSMEs for global competitivenessIET India
 
Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...
Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...
Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...IET India
 
E-mobility trends in India: Challenges and Opportunities
E-mobility trends in India: Challenges and OpportunitiesE-mobility trends in India: Challenges and Opportunities
E-mobility trends in India: Challenges and OpportunitiesIET India
 
IET India Advisory: Safeguarding children from cyber threats in times of a pa...
IET India Advisory: Safeguarding children from cyber threats in times of a pa...IET India Advisory: Safeguarding children from cyber threats in times of a pa...
IET India Advisory: Safeguarding children from cyber threats in times of a pa...IET India
 
Urban mobility in Bengaluru- Key takeaway report
Urban mobility in Bengaluru- Key takeaway reportUrban mobility in Bengaluru- Key takeaway report
Urban mobility in Bengaluru- Key takeaway reportIET India
 
IET's Engineering the Future of Work Playbook
IET's Engineering the Future of Work PlaybookIET's Engineering the Future of Work Playbook
IET's Engineering the Future of Work PlaybookIET India
 
IoT reshaping society
IoT reshaping societyIoT reshaping society
IoT reshaping societyIET India
 
IIoT for India's growth
IIoT for India's growthIIoT for India's growth
IIoT for India's growthIET India
 
IoT and security
IoT and securityIoT and security
IoT and securityIET India
 
IoT for the energy sector
IoT for the energy sectorIoT for the energy sector
IoT for the energy sectorIET India
 
Indian telecom getting ready for m2 m iot
Indian telecom getting ready for m2 m iotIndian telecom getting ready for m2 m iot
Indian telecom getting ready for m2 m iotIET India
 
IoT case studies from india
IoT case studies from indiaIoT case studies from india
IoT case studies from indiaIET India
 
Fresh Thinking to SAFENET for IoT
Fresh Thinking to SAFENET for IoT Fresh Thinking to SAFENET for IoT
Fresh Thinking to SAFENET for IoTIET India
 
Smart Education – Making education Efficient, Affordable and Reachable for India
Smart Education – Making education Efficient, Affordable and Reachable for IndiaSmart Education – Making education Efficient, Affordable and Reachable for India
Smart Education – Making education Efficient, Affordable and Reachable for IndiaIET India
 

More from IET India (20)

Digital twins for secure, green and healthy future cities
Digital twins for secure, green and healthy future citiesDigital twins for secure, green and healthy future cities
Digital twins for secure, green and healthy future cities
 
Leveraging blockchain to transform rattled supply chains
Leveraging blockchain to transform rattled supply chainsLeveraging blockchain to transform rattled supply chains
Leveraging blockchain to transform rattled supply chains
 
Ventilator tracking for Covid-19 preparedness
Ventilator tracking for Covid-19 preparednessVentilator tracking for Covid-19 preparedness
Ventilator tracking for Covid-19 preparedness
 
Electric vehicle charging infrastructure in India: Challenges and road ahead
Electric vehicle charging infrastructure in India: Challenges and road aheadElectric vehicle charging infrastructure in India: Challenges and road ahead
Electric vehicle charging infrastructure in India: Challenges and road ahead
 
Resetting urban mobility 2020+ in India
Resetting urban mobility 2020+ in IndiaResetting urban mobility 2020+ in India
Resetting urban mobility 2020+ in India
 
Learning and Skilling - A Future Work Perspective
Learning and Skilling - A Future Work PerspectiveLearning and Skilling - A Future Work Perspective
Learning and Skilling - A Future Work Perspective
 
Enabling Indian manufacturing MSMEs for global competitiveness
Enabling Indian manufacturing MSMEs for global competitivenessEnabling Indian manufacturing MSMEs for global competitiveness
Enabling Indian manufacturing MSMEs for global competitiveness
 
Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...
Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...
Indo-Canada dialogue: Opportunities in the automotive segment in the backdrop...
 
E-mobility trends in India: Challenges and Opportunities
E-mobility trends in India: Challenges and OpportunitiesE-mobility trends in India: Challenges and Opportunities
E-mobility trends in India: Challenges and Opportunities
 
IET India Advisory: Safeguarding children from cyber threats in times of a pa...
IET India Advisory: Safeguarding children from cyber threats in times of a pa...IET India Advisory: Safeguarding children from cyber threats in times of a pa...
IET India Advisory: Safeguarding children from cyber threats in times of a pa...
 
Urban mobility in Bengaluru- Key takeaway report
Urban mobility in Bengaluru- Key takeaway reportUrban mobility in Bengaluru- Key takeaway report
Urban mobility in Bengaluru- Key takeaway report
 
IET's Engineering the Future of Work Playbook
IET's Engineering the Future of Work PlaybookIET's Engineering the Future of Work Playbook
IET's Engineering the Future of Work Playbook
 
IoT reshaping society
IoT reshaping societyIoT reshaping society
IoT reshaping society
 
IIoT for India's growth
IIoT for India's growthIIoT for India's growth
IIoT for India's growth
 
IoT and security
IoT and securityIoT and security
IoT and security
 
IoT for the energy sector
IoT for the energy sectorIoT for the energy sector
IoT for the energy sector
 
Indian telecom getting ready for m2 m iot
Indian telecom getting ready for m2 m iotIndian telecom getting ready for m2 m iot
Indian telecom getting ready for m2 m iot
 
IoT case studies from india
IoT case studies from indiaIoT case studies from india
IoT case studies from india
 
Fresh Thinking to SAFENET for IoT
Fresh Thinking to SAFENET for IoT Fresh Thinking to SAFENET for IoT
Fresh Thinking to SAFENET for IoT
 
Smart Education – Making education Efficient, Affordable and Reachable for India
Smart Education – Making education Efficient, Affordable and Reachable for IndiaSmart Education – Making education Efficient, Affordable and Reachable for India
Smart Education – Making education Efficient, Affordable and Reachable for India
 

Recently uploaded

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 

Recently uploaded (20)

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 

IET India cybersecurity advisory: security practices for remote working

  • 1. India Advisory Notes Remote working in the times of a pandemic Security practices: For employees and organisations
  • 2. 2 | P a g e About us The IET is one of the world’s largest professional societies for engineers, headquartered in the UK. Soon to turn 150 years, the IET works closely with industry, academia and government in its mission to engineer a better world. In line with this, the IET also has specific global initiatives around key sectors that are relevant to solving problems that impact the society at large. In India, the IET has over 13,000 members and has wide ranging activities in alignment with the overall global IET strategy that also includes sector focus in areas such as Future technologies. Future of Mobility and Transport, as well as the Future of Work. Eminent engineers like Shri Ratan Tata, Former Chairman Tata Sons, N R Narayana Murthy, Chairman Emeritus, Infosys and T V Ramachandran, President, Broadband India Forum (Ex-Resident Director, Vodafone) are Honorary Fellows of the IET. With our members, we are driving innovation and change in the fields of engineering and technology. We research, investigate, review and analyse the industry’s challenges, proposing solutions that will have a significant impact on the world for years to come. This advisory note is part of a series, put together by the IET’s expert volunteers in India in the backdrop of the global pandemic brought about by Covid-19. In this paper, experts from our Cybersecurity Working group detail how employees and organisations should conduct themselves while working remotely. Read more about our Future Technology focus as well as our panels here: https://india.theiet.org/innovation-knowledge/. To become a volunteer and to contribute, please write to us at sectors@theiet.in Disclaimers This document is owned and maintained by the Institution of Engineering and Technology, India and the design of the document is © IET India 2020. The information contained in this document should not be interpreted as a representation of the views of the IET, nor should it be assumed that it reflects any of its current or future policy. The information cannot supersede any statutory or contractual requirements or liabilities and is offered without prejudice. While the authors, publisher and contributors believe that the information and guidance given in this work are correct, all parties must rely upon their own skill and judgement while making use of them. Neither the authors nor the publishers assume any liability to anyone for any loss or damage caused by an error or omission in the work, as a result of negligence or any other cause.
  • 3. 3 | P a g e Introduction We are living in a heightened time of cyber risk. Organisations are still operational by allowing their employees to work from home. Cybercriminals have started taking advantage of public fear to generate coronavirus themed phishing attacks. We should be aware of COVID-19 tagged emails with misleading links or attachments. The IET’s Cybersecurity working group has put together some best practices to be followed at this crucial time to safeguard employees and as well as organisations that are navigating the new order of remote working. 24x7 uptime and connectivity Due to the current situation, companies and schools have planned for distance learning and work-from-home setups. Though employees have started using the work-from-home options, are the industries belonging to various sectors, including PSUs and private companies prepared for this heavy influx of remote workers? Organisations should conduct an exercise with their senior leadership teams and business unit heads to list their critical business applications that will be accessed the most by the employees. For cloud applications. Technology heads will have to work with cloud service providers and get a hang about their business continuity plans. Employers should ensure, by testing and validating the proper VPN connectivity for higher utilisation than usual. For enterprises with high-cloud reliance (e.g., an extension of capacity, native cloud systems), select cloud provider who has point-of- presence in the geography where majority of the employees are present and provide network path redundancy. Timely backup One crucial element in these times, more important than ever, is data backup. In these times of the pandemic, employees from various operational units are using their laptops, desktops, etc. In most of the cases, they either save their documents locally on to these systems (for example, as a PDF file or MS office document) in an unencrypted format. This is an issue, from a legal and compliance perspective. In case of a cyberattack, they may also lose their data. Therefore, employees who are working remotely, should back their data up in a timely manner to remain unaffected in case of a cyberattack where they may compromise their valuable data. Access Control Policy Financial services organisations, in a bid for business continuity to clients, may have to provide right of access to employees via remote access. Usual practices like password protection or data encryption may no longer suffice to counter smart data theft. Hence, access control policies should be implemented and updated at various entry points of the organisation. Also, the organisation can contain a potential attacker’s path to crucial data and assets by limiting user access and privileges to the information and tools needed for the employees to perform their immediate role.
  • 4. 4 | P a g e Enhance the security of BYOD Employees working from home for the first time will potentially use desktop computers, laptops, tablets, and smartphones that are not protected to the same level as workplace devices. They should consider using additional risk reduction measures like document and file encryption, VPNs, regular scanning, and other best practices to lower the potential for business intellectual property or financial theft. Employees should secure home Wi-Fi by selecting the most reliable security protocol, changing the Wi-Fi password often, and use MAC filtering, which can be done by logging into the router as admin. Beware of phishing scams and other targeted attacks Recently, cases where attackers leveraging coronavirus-themed cyberattacks and phishing emails masked as sensationalised Covid-19 news or charity pleas have been on the rise. Fake applications like Corona live 1.1 have also been reported. Malware attackers are targeting masses using custom and unique remote-access trojan attacks that steal user information. Employees must consciously maintain security best practices while browsing the web. They should be more cautious about visiting sites while in session with the enterprise web site. Concerned departments and ministries should spread public awareness about these kinds of attacks to save people from being compromised at this crucial time. Enterprises can keep communicating employees through awareness campaign that reminds them of various social engineering attacks. Regular Software Update One of the main issues with most of the organisations operating in these crucial times both PSUs and private enterprises is that they use legacy systems, proprietary software, and software that may not be have been patched. Hence, enterprises need to update their software regularly to keep employees protected in such times, failing which, they will have to battle unproductivity and negative experiences of employees. Enterprises must be on top of threat intelligence and push patches at the earliest while employees must update with the latest patches of the base platform software being used. Conclusion We are currently in what can be called the largest remote working experiment in the history of mankind. Both organisations and employees are learning to work in this new world of work and figuring out the best ways to keep their data safe while minimising disruption and delivering outputs. The lockdown has brought to fore, the need for IT teams to be more vigilant, effective and frequent communications with business leaders and their IT teams and seamless communication with the staff team to ensure compliance.
  • 5. 5 | P a g e
  • 6. 6 | P a g e Contributors Anand Handa Member – IET Cyber Security Working Group Project Executive Officer, Interdisciplinary Centre for Cyber Security and Cyber Defence of Critical Infrastructures, Department of Computer Science and Engineering, Indian Institute of Technology, Kanpur Arnab Chattopadhyay Member – IET Cyber Security Working Group Associate Director, IBM Advisor Arvind Tiwary Chairperson – IET Cyber Security Working Group Chair, TiE IoT Forum If you have a question or query, please feel free to reach out to us at sectors@theiet.in. Read more about our work at india.theiet.org