SlideShare a Scribd company logo

COVID-19: Strategies to Stay Secure and Ensure Business Continuity

Optiv Security
Optiv Security

Optiv is committed to guiding the cybersecurity industry through these shifting times by providing strategies to keep your organization and employees secure while ensuring business continuity. Whether your concerns focus on technology or people, Optiv has outlined specific actions you can take to build confidence in this more connected world. To read our response to the COVID-19 pandemic, as well as other resources and actionable checklists, please visit optiv.com/covid-19-response.

Technology
1 of 18
Download to read offline
COVID-19 Strategies to Stay Secure and Ensure Business Continuity Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved.
In uncertain times, it's reassuring to know that there are still things you can impact and control. Optiv is commi ed to guiding you through these shi ing times by providing strategies to keep your organization and employees secure while ensuring business continuity. TECHNOLOGY • Closing the Remote Gap • VPN Rationing • Flexibility Mindset • Endpoint Connectivity Strategy • Encryption Best Practices • Facility Networks PEOPLE • Eavesdropper Awareness • Official Email Alias • Work from Home (WFH) Best Practices • Combating Disinformation • Awareness Training • Remote Meetings Strategy To read our response to the COVID-19 pandemic, as well as other resources and actionable checklists, please visit optiv.com/covid-19-response. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved.
The increased use of video conferencing solutions in today’s WFH environment has resulted in a ackers ‘squa ing’ on random or known meeting IDs to listen in on potentially confidential conversations and meetings. WHAT YOU CAN DO • Set a meeting password • Require a endees to announce/register themselves • Receive email notifications if a endees are waiting for you to “start” a meeting • Manually verify who a ends the calls And you were worried about people noticing the framed Shrek poster in your home office. 1800BADACTORJill SmithCarla LaRue Pat Lipule Kelsey Reynolds Leave Meeting Pamela Griggs Andrea Sullivan Michael R. FergesunColin Black Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More White Paper
facilisis metus ssa. Proin bortis nisl ac ula. ompany.com es@company.com Sent: Thursday, April 2 Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Sectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna Sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna From: HR@company.com To: Employees@company.com Sent: Thursday, April 2 Integer lectus ante, vehicula eu nulla et, volutpat porta mauris. Nulla sit amet nunc vel justo sollicitudin imperdiet id auctor eu est. From: HR@company.com To: Employees@company.com Sent: Thursday, April 2 Create an email alias so employees can easily identify official corporate communications related to how the virus is affecting the company. From: HR@company.com To: Employees@company.com Sent: Thursday, April 2 Learn More WFH Security Checklist
ANATOMY OF A GOOD WORKING FROM HOME ENVIRONMENT Sit in a chair at a desk Leverage an external monitor Use a headset with a microphone for meetings Respect your office space (dedicated area for work-related items only to maintain its purpose) Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More WFH Security Checklist
Be aware of COVID-19 disinformation campaigns Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More WFH Security Checklist
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Ensure that WFH employees are aware of increases in: SOCIAL ENGINEERING SPEAR PHISHING UNEXPECTED MFA/2FA PROMPTS PHONE PRETEXTING COVID-19 DISINFORMATION CAMPAIGNS Learn More WFH Security Checklist
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. REMOTE COLLABORATION MEETING SOLUTION Ensure team members know how to use the solution Determine the total number of users the solution will support Learn More WFH Security Checklist
If the userbase is exceeding capacity, a VPN rationing schedule can be established where employees are either recommended or required to access the VPN during known windows based on their job function. For example, employees that can perform their work offline most of the day can login to the VPN after core business hours. Additional guidance can also be given to be mindful of bandwidth usage and avoid large file transfers through the VPN when possible. 8:00 Fri 3/27/20 9:00 10:00 1:00 3:00 VPN allotment #1 VPN allotment #2 Walk the dog Virtual lunch w/ Carla Work on projects offline Exercise WFH Schedule 6:00 Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More White Paper
According to research by the consulting firm Global Workplace Analytics, the amount of work done remotely increased 173% in the last 15 years. 2005 2020 And 3.6% of the total United States workforce works from home at least half-time under normal circumstances. That’s 5,760,000 people, or more than the population of Minnesota. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Source: https://globalworkplaceanalytics.com/telecommuting-statistics Learn More White Paper
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Adopt a Flexible Mindset Shorten the normal testing cycle and change management to match production changes. Provide the best level of risk assurance possible given current conditions. Clearly explain the threats and risks that the organization might encounter. Consider your response plan to adapt to all changes in circumstance. Tip: Get a slinky for your home office Learn More White Paper
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Closing the Remote Gap 1. EXPANDING WHAT YOU HAVE EMERGENCY VPN PLAN Avoid large file transfers Get more licenses Use virtual editions of apps Limit access to sensitive tools Learn More White Paper
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Closing the Remote Gap 2. CREATE DIFFERENT METHODS OF ACCESS Leverage existing solutions for internet-facing applications as a template, then employ what you can quickly and securely integrate from any perimeter monitoring perspectives. • Low-risk applications • SSL browser proxies • Multi-factor authentiaction Learn More White Paper
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Closing the Remote Gap 3. CHANGE YOUR ARCHITECTURE There are emerging technologies that have a great deal of scale, flexibility and have better policy controls than traditional VPN solutions. • Software-defined perimeter (SDP) • Software-defined wide area network (SD-WAN) • Secure access service edge (SASE) Learn More White Paper
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. A STRATEGY FOR ENDPOINT CONNECTIVITY TO NETWORKS BEST Company-managed and compliant endpoint BETTER BYOD endpoint connecting to a company-managed virtual desktop infrastructure (VDI) instance GOOD Bring your own device (BYOD) endpoint validated to meet baseline security posture Learn More WFH Security Checklist
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Ensure Corporate Devices Have Drive Encryption Enabled in Case of Loss or Theft Learn More WFH Security Checklist
Consider disabling guest WiFi and any other wireless access that is not well secured as users will not be available to spot suspicious loitering around your facility. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More WFH Security Checklist
Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. To read our response to the COVID-19 pandemic, as well as other resources and actionable checklists, please visit optiv.com/covid-19-response.

Recommended

Business continuity strategy to combat coronavirus (covid 19) - innova global...
Business continuity strategy to combat coronavirus (covid 19) - innova global...Business continuity strategy to combat coronavirus (covid 19) - innova global...
Business continuity strategy to combat coronavirus (covid 19) - innova global...
www.securitysystems.best
 
Pandemic Flu
Pandemic FluPandemic Flu
Pandemic Flu
Kim Dyches
 
SecuringAWirelessNetwork_Capstone
SecuringAWirelessNetwork_CapstoneSecuringAWirelessNetwork_Capstone
SecuringAWirelessNetwork_Capstone
Cecil Sellars
 
INTRODUCTION TO IVANTI NEURONS
INTRODUCTION TO IVANTI NEURONSINTRODUCTION TO IVANTI NEURONS
INTRODUCTION TO IVANTI NEURONS
Ivanti
 
The Future of Technology Operations
The Future of Technology OperationsThe Future of Technology Operations
The Future of Technology Operations
Ivanti
 
Stay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breachStay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breach
Sridhar Karnam
 
ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0
Barun Kumar
 
Open Source Security - It can be done easily.
Open Source Security - It can be done easily.Open Source Security - It can be done easily.
Open Source Security - It can be done easily.
Flexera
 

Recommended

Business continuity strategy to combat coronavirus (covid 19) - innova global...
Business continuity strategy to combat coronavirus (covid 19) - innova global...Business continuity strategy to combat coronavirus (covid 19) - innova global...
Business continuity strategy to combat coronavirus (covid 19) - innova global...
www.securitysystems.best
 
Pandemic Flu
Pandemic FluPandemic Flu
Pandemic Flu
Kim Dyches
 
SecuringAWirelessNetwork_Capstone
SecuringAWirelessNetwork_CapstoneSecuringAWirelessNetwork_Capstone
SecuringAWirelessNetwork_Capstone
Cecil Sellars
 
INTRODUCTION TO IVANTI NEURONS
INTRODUCTION TO IVANTI NEURONSINTRODUCTION TO IVANTI NEURONS
INTRODUCTION TO IVANTI NEURONS
Ivanti
 
The Future of Technology Operations
The Future of Technology OperationsThe Future of Technology Operations
The Future of Technology Operations
Ivanti
 
Stay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breachStay out of headlines for non compliance or data breach
Stay out of headlines for non compliance or data breach
Sridhar Karnam
 
ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0ISCA Slides - Barun Kumar v1.0
ISCA Slides - Barun Kumar v1.0
Barun Kumar
 
Open Source Security - It can be done easily.
Open Source Security - It can be done easily.Open Source Security - It can be done easily.
Open Source Security - It can be done easily.
Flexera
 
Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020
Ivanti
 
The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?
Legal Services National Technology Assistance Project (LSNTAP)
 
Virtual Lunch & Learn - Netherlands
Virtual Lunch & Learn - NetherlandsVirtual Lunch & Learn - Netherlands
Virtual Lunch & Learn - Netherlands
Ivanti
 
Sec1391
Sec1391Sec1391
Sec1391
PaulDAvilar
 
Making Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesMaking Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar Slides
Netskope
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security
Inside Analysis
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsCybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Ivanti
 
Mobile Solutions and Privacy – Not One at the Expense of the Other
Mobile Solutions and Privacy – Not One at the Expense of the Other Mobile Solutions and Privacy – Not One at the Expense of the Other
Mobile Solutions and Privacy – Not One at the Expense of the Other
bradley_g
 
Webinar: 12 Tips to Stay Safer Online - 2018-10-16
Webinar: 12 Tips to Stay Safer Online - 2018-10-16Webinar: 12 Tips to Stay Safer Online - 2018-10-16
Webinar: 12 Tips to Stay Safer Online - 2018-10-16
TechSoup
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFI
EC-Council
 
How Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is ImplementedHow Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is Implemented
Jerry Paul Acosta
 
Pcs academy october_2020_security
Pcs academy october_2020_securityPcs academy october_2020_security
Pcs academy october_2020_security
Hugo Ivan Arellano Ibarra
 
S bailey resume
S bailey resumeS bailey resume
S bailey resume
Sherry D. Bailey
 
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
NetworkCollaborators
 
State of the OpenCloud Report 2020
State of the OpenCloud Report 2020State of the OpenCloud Report 2020
State of the OpenCloud Report 2020
Dharmesh Thakker
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security Battleground
Watchful Software
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSecuring your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWP
Sridhar Karnam
 
Keep Calm and GDPR
Keep Calm and GDPRKeep Calm and GDPR
Keep Calm and GDPR
MissMarvel70
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Digital Guardian
 
ITT - Tech CNS Captstone Project
ITT - Tech CNS Captstone ProjectITT - Tech CNS Captstone Project
ITT - Tech CNS Captstone Project
vegasgirl1
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 
The Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinThe Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny Heaberlin
Cloud Expo
 

More Related Content

What's hot

Virtual Lunch & Learn - Netherlands
Virtual Lunch & Learn - NetherlandsVirtual Lunch & Learn - Netherlands
Virtual Lunch & Learn - Netherlands
Ivanti
 
Making Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesMaking Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar Slides
Netskope
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security
Inside Analysis
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSecuring your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWP
Sridhar Karnam
 
ITT - Tech CNS Captstone Project
ITT - Tech CNS Captstone ProjectITT - Tech CNS Captstone Project
ITT - Tech CNS Captstone Project
vegasgirl1
 

What's hot (20)

Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020Ivanti Patch Tuesday for June 2020
Ivanti Patch Tuesday for June 2020
 
The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?
 
Virtual Lunch & Learn - Netherlands
Virtual Lunch & Learn - NetherlandsVirtual Lunch & Learn - Netherlands
Virtual Lunch & Learn - Netherlands
 
Sec1391
Sec1391Sec1391
Sec1391
 
Making Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar SlidesMaking Cloud Security Part of Your DNA Webinar Slides
Making Cloud Security Part of Your DNA Webinar Slides
 
To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security To Serve and Protect: Making Sense of Hadoop Security
To Serve and Protect: Making Sense of Hadoop Security
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsCybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
 
Mobile Solutions and Privacy – Not One at the Expense of the Other
Mobile Solutions and Privacy – Not One at the Expense of the Other Mobile Solutions and Privacy – Not One at the Expense of the Other
Mobile Solutions and Privacy – Not One at the Expense of the Other
 
Webinar: 12 Tips to Stay Safer Online - 2018-10-16
Webinar: 12 Tips to Stay Safer Online - 2018-10-16Webinar: 12 Tips to Stay Safer Online - 2018-10-16
Webinar: 12 Tips to Stay Safer Online - 2018-10-16
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFI
 
How Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is ImplementedHow Network Data Loss Prevention is Implemented
How Network Data Loss Prevention is Implemented
 
Pcs academy october_2020_security
Pcs academy october_2020_securityPcs academy october_2020_security
Pcs academy october_2020_security
 
S bailey resume
S bailey resumeS bailey resume
S bailey resume
 
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
 
State of the OpenCloud Report 2020
State of the OpenCloud Report 2020State of the OpenCloud Report 2020
State of the OpenCloud Report 2020
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security Battleground
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSecuring your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWP
 
Keep Calm and GDPR
Keep Calm and GDPRKeep Calm and GDPR
Keep Calm and GDPR
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
 
ITT - Tech CNS Captstone Project
ITT - Tech CNS Captstone ProjectITT - Tech CNS Captstone Project
ITT - Tech CNS Captstone Project
 

Similar to COVID-19: Strategies to Stay Secure and Ensure Business Continuity

The Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinThe Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny Heaberlin
Cloud Expo
 
COVID-19 Healthcare Cybersecurity: Best Practices for a Remote Workforce
COVID-19 Healthcare Cybersecurity: Best Practices for a Remote WorkforceCOVID-19 Healthcare Cybersecurity: Best Practices for a Remote Workforce
COVID-19 Healthcare Cybersecurity: Best Practices for a Remote Workforce
Health Catalyst
 
Enhancing Cybersecurity in Remote Work-3.pdf
Enhancing Cybersecurity in Remote Work-3.pdfEnhancing Cybersecurity in Remote Work-3.pdf
Enhancing Cybersecurity in Remote Work-3.pdf
Turing.com
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
Darren Argyle
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWS
Amazon Web Services
 

Similar to COVID-19: Strategies to Stay Secure and Ensure Business Continuity (20)

Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
The Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinThe Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny Heaberlin
 
Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021Why Zero Trust Architecture Will Become the New Normal in 2021
Why Zero Trust Architecture Will Become the New Normal in 2021
 
Quantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate LeadershipQuantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate Leadership
 
COVID-19 Healthcare Cybersecurity: Best Practices for a Remote Workforce
COVID-19 Healthcare Cybersecurity: Best Practices for a Remote WorkforceCOVID-19 Healthcare Cybersecurity: Best Practices for a Remote Workforce
COVID-19 Healthcare Cybersecurity: Best Practices for a Remote Workforce
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
 
Enhancing Cybersecurity in Remote Work-3.pdf
Enhancing Cybersecurity in Remote Work-3.pdfEnhancing Cybersecurity in Remote Work-3.pdf
Enhancing Cybersecurity in Remote Work-3.pdf
 
Cisco Connect 2018 Philippines - fay ocampo
Cisco Connect 2018 Philippines - fay ocampoCisco Connect 2018 Philippines - fay ocampo
Cisco Connect 2018 Philippines - fay ocampo
 
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec StakeholdersIvanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
Ivanti Webinar - How to Win Budget and Influence Non-InfoSec Stakeholders
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdow
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
 
Navigating the Flood of BYOD
Navigating the Flood of BYODNavigating the Flood of BYOD
Navigating the Flood of BYOD
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWS
 
Large-Scale Remote Access & Mobility
Large-Scale Remote Access & MobilityLarge-Scale Remote Access & Mobility
Large-Scale Remote Access & Mobility
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutions
 
How Disruptive Technologies Drive Innovation in the Channel
How Disruptive Technologies Drive Innovation in the ChannelHow Disruptive Technologies Drive Innovation in the Channel
How Disruptive Technologies Drive Innovation in the Channel
 
Building Elastic into security operations
Building Elastic into security operationsBuilding Elastic into security operations
Building Elastic into security operations
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforce
 

Recently uploaded

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 

Recently uploaded (20)

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 

COVID-19: Strategies to Stay Secure and Ensure Business Continuity

  • 1. COVID-19 Strategies to Stay Secure and Ensure Business Continuity Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved.
  • 2. In uncertain times, it's reassuring to know that there are still things you can impact and control. Optiv is commi ed to guiding you through these shi ing times by providing strategies to keep your organization and employees secure while ensuring business continuity. TECHNOLOGY • Closing the Remote Gap • VPN Rationing • Flexibility Mindset • Endpoint Connectivity Strategy • Encryption Best Practices • Facility Networks PEOPLE • Eavesdropper Awareness • Official Email Alias • Work from Home (WFH) Best Practices • Combating Disinformation • Awareness Training • Remote Meetings Strategy To read our response to the COVID-19 pandemic, as well as other resources and actionable checklists, please visit optiv.com/covid-19-response. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved.
  • 3. The increased use of video conferencing solutions in today’s WFH environment has resulted in a ackers ‘squa ing’ on random or known meeting IDs to listen in on potentially confidential conversations and meetings. WHAT YOU CAN DO • Set a meeting password • Require a endees to announce/register themselves • Receive email notifications if a endees are waiting for you to “start” a meeting • Manually verify who a ends the calls And you were worried about people noticing the framed Shrek poster in your home office. 1800BADACTORJill SmithCarla LaRue Pat Lipule Kelsey Reynolds Leave Meeting Pamela Griggs Andrea Sullivan Michael R. FergesunColin Black Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More White Paper
  • 4. facilisis metus ssa. Proin bortis nisl ac ula. ompany.com es@company.com Sent: Thursday, April 2 Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Sectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna Sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna From: HR@company.com To: Employees@company.com Sent: Thursday, April 2 Integer lectus ante, vehicula eu nulla et, volutpat porta mauris. Nulla sit amet nunc vel justo sollicitudin imperdiet id auctor eu est. From: HR@company.com To: Employees@company.com Sent: Thursday, April 2 Create an email alias so employees can easily identify official corporate communications related to how the virus is affecting the company. From: HR@company.com To: Employees@company.com Sent: Thursday, April 2 Learn More WFH Security Checklist
  • 5. ANATOMY OF A GOOD WORKING FROM HOME ENVIRONMENT Sit in a chair at a desk Leverage an external monitor Use a headset with a microphone for meetings Respect your office space (dedicated area for work-related items only to maintain its purpose) Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More WFH Security Checklist
  • 6. Be aware of COVID-19 disinformation campaigns Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More WFH Security Checklist
  • 7. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Ensure that WFH employees are aware of increases in: SOCIAL ENGINEERING SPEAR PHISHING UNEXPECTED MFA/2FA PROMPTS PHONE PRETEXTING COVID-19 DISINFORMATION CAMPAIGNS Learn More WFH Security Checklist
  • 8. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. REMOTE COLLABORATION MEETING SOLUTION Ensure team members know how to use the solution Determine the total number of users the solution will support Learn More WFH Security Checklist
  • 9. If the userbase is exceeding capacity, a VPN rationing schedule can be established where employees are either recommended or required to access the VPN during known windows based on their job function. For example, employees that can perform their work offline most of the day can login to the VPN after core business hours. Additional guidance can also be given to be mindful of bandwidth usage and avoid large file transfers through the VPN when possible. 8:00 Fri 3/27/20 9:00 10:00 1:00 3:00 VPN allotment #1 VPN allotment #2 Walk the dog Virtual lunch w/ Carla Work on projects offline Exercise WFH Schedule 6:00 Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More White Paper
  • 10. According to research by the consulting firm Global Workplace Analytics, the amount of work done remotely increased 173% in the last 15 years. 2005 2020 And 3.6% of the total United States workforce works from home at least half-time under normal circumstances. That’s 5,760,000 people, or more than the population of Minnesota. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Source: https://globalworkplaceanalytics.com/telecommuting-statistics Learn More White Paper
  • 11. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Adopt a Flexible Mindset Shorten the normal testing cycle and change management to match production changes. Provide the best level of risk assurance possible given current conditions. Clearly explain the threats and risks that the organization might encounter. Consider your response plan to adapt to all changes in circumstance. Tip: Get a slinky for your home office Learn More White Paper
  • 12. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Closing the Remote Gap 1. EXPANDING WHAT YOU HAVE EMERGENCY VPN PLAN Avoid large file transfers Get more licenses Use virtual editions of apps Limit access to sensitive tools Learn More White Paper
  • 13. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Closing the Remote Gap 2. CREATE DIFFERENT METHODS OF ACCESS Leverage existing solutions for internet-facing applications as a template, then employ what you can quickly and securely integrate from any perimeter monitoring perspectives. • Low-risk applications • SSL browser proxies • Multi-factor authentiaction Learn More White Paper
  • 14. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Closing the Remote Gap 3. CHANGE YOUR ARCHITECTURE There are emerging technologies that have a great deal of scale, flexibility and have better policy controls than traditional VPN solutions. • Software-defined perimeter (SDP) • Software-defined wide area network (SD-WAN) • Secure access service edge (SASE) Learn More White Paper
  • 15. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. A STRATEGY FOR ENDPOINT CONNECTIVITY TO NETWORKS BEST Company-managed and compliant endpoint BETTER BYOD endpoint connecting to a company-managed virtual desktop infrastructure (VDI) instance GOOD Bring your own device (BYOD) endpoint validated to meet baseline security posture Learn More WFH Security Checklist
  • 16. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Ensure Corporate Devices Have Drive Encryption Enabled in Case of Loss or Theft Learn More WFH Security Checklist
  • 17. Consider disabling guest WiFi and any other wireless access that is not well secured as users will not be available to spot suspicious loitering around your facility. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. Learn More WFH Security Checklist
  • 18. Proprietary and CONFIDENTIAL. Do Not Distribute. © 2020 Optiv Security Inc. All Rights Reserved. To read our response to the COVID-19 pandemic, as well as other resources and actionable checklists, please visit optiv.com/covid-19-response.