24 March 2020
The spread of coronavirus is driving an immediate change in working habits for many organisations, with a significant increase in the adoption of remote work or telecommuting as a means to ensure the safety of employees and to contain the spread of the virus.
Working outside of the traditional office environment can be effective if people have the right tools at their disposal. Remote work or telecommuting will provide a testing ground for robust remote access processes and procedures, plus a good test for a range of technology solutions that are designed to foster collaboration and eliminate the need to sit in face-to-face meetings.
We would recommend organisations take the opportunity to ensure their users have clear direction regarding access to systems, networks and data from a remote location. In doing so an organisation will be better placed to understand and manage their risk exposure in setting up for the new or adapted environment.
Some Points To Consider
Should you wish to discuss which policies, processes and procedures you should have in place to enable secure remote access then feel free to make contact. In light of the challenging business environment, Kaon Security is happy to help organisations get their remote working arrangements in place with a free 90-minute consultancy – delivered remotely of course!
To take up this offer please contact us.
Have your remote access solutions been tested to validate they are configured securely and fit for purpose? – talk to us about how we can assist. A “once over” will provide peace of mind and limit the chance of a security issue arising.
New Remote Working Advisory Released 17th March
The National Cyber Security Centre (NCSC) has produced a good informative advisory document on remote working practices -
https://www.ncsc.govt.nz/newsroom/working-remotely-advice-for-organisations-and-staff/
Scammers Are Not Taking A Break
Cert NZ are advising people to be wary of online scams and attacks that have recently been used in other countries. The examples listed on their website include:
To view the Cert NZ information –
https://www.cert.govt.nz/individuals/alerts/attackers-using-covid-19-themed-scams/
Given the amount of information in the public domain regarding coronavirus, it is important to reinforce to all employees the need for vigilance when it comes to determining the legitimacy of an incoming email message incorporating a link regarding the virus or a related topic.
To heighten user awareness Kaon Security can run bespoke phishing simulation campaigns for any organisation that wishes to improve user awareness and vigilance regarding scam/deceptive emails. The turnaround time on setting up and delivering a campaign is very quick and it is a low overhead, but effective, exercise for an organisation and of course does not require an onsite visit.
Microsoft recently claimed that 0.5 per cent of Azure Active Directory accounts as used by Microsoft 365 are being compromised every month. In January this meant 1.2 million accounts were compromised.
These figures were revealed by Microsoft’s director of identity security, Alex Weinert, and IT identity and access program manager Lee Walker at the “RSA conference 2020” February 24-28 in San Francisco.
An account compromise means that a malicious actor or script has some access to internal resources. The objective of the account compromise could be to steal sensitive data, escalate access privileges or to send out some spam messages. The attack methods being used are phishing, password spraying and password replay attacks.
Alex Weinert goes on to say in his presentation there's a 99.9 per cent chance that a customer who has been attacked did not have MFA [Multi Factor Authentication] enabled.
Their technical presentation - Breaking Password Dependencies: Challenges in the Final Mile at Microsoft is available to view at -
https://www.youtube.com/watch?v=B_mhJO2qHlQ
The level of account compromises Kaon Security has been made aware of locally has been a cause for concern for some time. We frequently highlight there is very limited or no use of multifactor authentication when conducting our Microsoft 365 security configuration audit services for organisations. In our next EDM we’ll talk about the common techniques being applied to breach accounts and why therefore MFA is very necessary. Read about our Microsoft 365 Security Audit Service.