KnowBe4 partnership a step forward in our cyber security services

Standby Consulting Middle East is now in partnership with KnowBe4, market leaders in Security Awareness and Training Solutions. KnowBe4 developed the world’s first and largest New-school security awareness training and simulated phishing platform that helps organisations manage the ongoing problem of social engineering.

As official partners, Standby is able to bring this fully scalable and easy to use platform to our customers.

Did you know your email filters have an average 7-10% failure rate?

You need a strong human firewall as your last line of defence.

The KnowBe4 platform provides new-school security awareness training. Standby can apply the training tools and resources applicable to your organisation to help you keep your users on their toes with security top of mind. It comes as an integrated platform where you can train and phish your users, see their awareness improve over time and get measurable results.

Features include:

  • on-demand, interactive, engaging training through the browser

  • unlimited simulated social engineering attacks through email, phone and text

  • access to the world’s largest security awareness training library with always-fresh content

What’s more, Standby can build the KnowBe4 training into your existing cyber security governance procedures and BCP testing programme.

If you’d like to have a conversation with one of the Standby team about how KnowBe4 can work within your organisation, then send us an email and we can arrange a time to talk.

How prepared is your organisation for a Cyber Attack?  

The potential for significant reputational loss as well as serious operational outages caused by a cyber-attack can often mean the impact to an organisation is much more significant than when dealing with other more traditional disaster scenarios.

Cyber-attacks happen incredibly quickly, which means organisations need to be prepared to respond to them just as quickly. An effective response includes key factors such as:

·       Clearly defined crisis roles and responsibilities

·       Tested communication channels for both internal and external communications – multiple channels should be available dependent on the systems impacted

·       Clear understanding of all stakeholder requirements and required recovery timelines once a systems outage has occurred

·       Confident personnel to carry out timely recovery actions

For most organisations it would be impossible to define and effectively implement these requirements during an actual cyber incident once an attack has already begun. Therefore, it is critical for any organisation who wishes to be able to deal with a cyber breach effectively to have spent time developing, testing and practicing these requirements well in advance of any potential breach.

Alongside any technical recovery, the top-level crisis management and communication activities can play just as important part in ensuring the impact from any cyber breach is minimised and the organisation can remain operational.

The below important areas for you to focus on to help develop your own cyber incident management procedures.  

1. What is your communication protocol?


During a cyber incident clear and concise communication is key. Often within organisations plans are put in pace that only consider the technical response to the incident and communicating with external stakeholders. It is, however, also essential to understand the importance of internal incident communications and ensure that your existing crisis communication plans are robust enough to deal with any type of cyber incident.
One of the key decisions to be made during an incident is when will you communicate with all your different stakeholders, or others who could be affected by the breach. Too early and you may give out the wrong information, leading to other complications later down the line, and too late and someone may beat you, potentially with the wrong information, or just as bad for your reputational integrity, it may looks like you were trying to cover it up.

Different Cyber breach incidents may well require different timelines for stakeholder interactions, which is why it is important to spend time thinking and talking through each different impact type with all areas of the organisation, and understanding any regulatory or Service requirements for each stakeholder, as well as the internal priorities and communication strategies for the organisation.

A brainstorm or practice exercise are much better forum to have these discussions, rather than during an incident when the pressure is on.

2. Where would awareness of the incident come from?

The news of a data breach may come into the organisation via multiple channels, some of which are difficult to define. It is a challenge to consider how the team who is responsible for managing any incident will be made aware of it. Who within your organisation is tasked with managing the response to a cyber-attack? And are IT and senior management aware of how an incident would be managed?

3. Roles and responsibilities needed to deal with a cyber incident

Cyber incidents could impact your organisation in a variety of ways, presenting numerous challenges. It is very important that there are definitive Roles and Responsibilities for the response team members to ensure any incident can be managed effectively. This preparation time will enable the team to understand what their specific roles are, and how the response should look, even when in a pressurised situation.

How can we help?

Our Cyber Security Management offerings include cyber governance best practice, and breach response planning, as well as training and awareness exercises and activities for staff at all levels.

As a starting point, why not try our online facilitator-led Cyber Attack Simulation role play exercise. You and other key members of your crisis response team can work together through a fictional but very realistic cyber-attack, managing any impacts via a simulated virtual desktop where you can chat with each other and other stakeholders, check emails, track the market impacts, make critical decisions and more.

Bring your key people together to develop both your skills and processes for managing a cyber breach event. 

Find out more about our Cyber Attack Simulation here

Can Stricter Policies Build a Freer Workforce?

I have been reading a lot recently about evolving operational models for the ‘New Normal’. Staff have had a taste of freedom and now expect it more permanently, and for a lot of companies output has been as good as - if not better than - before, so why not give it to them?

I am in complete agreement with those that say some people work more effectively when managing their own schedule; I believe I am one of those people. I manage my own schedule, decide when and where I work (within reason) and in turn feel more in control, happier and more productive for it. That said, it is certainly not for everyone, and even for those of us it does suit, there are a number of downsides: When can you actually officially switch off? When is work time vs when is family time? And during a busy period at work, which of those two is more pressing/important?

Finding this balance is probably the most complicated part of setting your own schedule, and after several years doing it, I still don’t think I have got it completely right.

With Great Freedom, Comes Great Responsibility

I also read an article on a completely different topic recently; the rise of low-code and no-code platforms. Although unrelated, the content of the article surprisingly led me to the same conclusions as for the problem of time management for autonomous workers.

This particular article discussed the benefits low/no-code applications can bring to organisations, by freeing up overworked IT staff and allowing traditionally ‘non coders’ the ability to establish and configure new systems or workflows as they require. Another great step forward in modernising the workplace and making a business more agile and cutting edge, but as the old saying goes: ‘With great power, comes great responsibility!

Understanding the risks and how to mitigate them

Companies implementing these applications that allow so much potential change in their workflow need to be aware what is being introduced, how, and what the wider implications are.

Perhaps the old bottlenecks caused by overworked IT staff were allowing time for companies to plan changes properly and giving time to settle a system once implemented. So if this bottleneck is no longer an issue and departments and individuals can just change systems and workflows whenever they like, will companies and their existing procedures and governance be able to keep up?

Standby have worked in many organisations over the years, where one of the biggest threats to their IT infrastructure resilience is departments going solo and implementing or updating applications, or even just adding Macros within workbooks to suit their immediate needs. No review was taken to see how this change would impact the business processes overall, and no consultation was had with the IT or Security teams to ensure that it was safe to add anything to the existing infrastructure. In many cases, it wasn’t until an external consultant like us came in and started prodding around that the IT department were even made aware of the ungoverned configurations sat within their own infrastructure!

Two separate challenges, one solution

These two seeming unrelated issues: the risk of staff burnout due to the removal of set boundaries around the working day; and the no/low-code applications departments may introduce to their business systems, are now more closely aligned. Under the changed model of work where more team members are working away from the traditional office environment – either in a satellite location or from home, there is an increase chance of individuals adding their own applications to assist their own workflows and time management styles.

So what is the solution to making all of this freedom successful? In my opinion it is all about setting new policies.

Yes, allow a staff member to work from home and set their own timetable if that’s what suits them, but enforce a 6 or 8 or 10 hour work day, or 30 hour working week etc. Modernise the working policies and contracts to suit this. Whatever is expected as per the policy, make sure they turn off their computer once they have done it; set an auto shutdown if you need to.

It is not until these new policies are created and enforced properly, that staff will have clearer and more achievable expectations and deliverables in the new working environment, and hopefully in turn higher job satisfaction.

Yes, free up the IT team by implementing low or no-code applications, giving other departments the freedom to configure systems and workflows how they need. But ensure that these changes are within set parameters and measurables. For example, develop and enforce strict change management policies and procedures to be followed before anyone is authorised to make changes, no matter who they might be or what department they are from.

Strict Policies are Vital for Progress

Strict policies and strong governance should not be a business restrictor, they should in fact be the complete opposite; a business enabler. Relevant policies governed in the right ‘spirit’ should lay the foundations to enable companies and personnel to know exactly how to innovate and progress in a focused and secure way.

Enabling access to managing low-code applications under the right guidelines and protocols will in turn bring better balance to the workday, no matter where your team is operating. With the right policies in place, companies are better able to manage the shift to a 'new normal that enhances productivity in a more sustainable way.

It’s always good to take a breath, just don’t stop for too long…

2020 has been a tough year for most organisations and individuals alike. A couple of months ago, the team here at Standby produced a white paper called ‘COVID-19: An Uncertain Future - how to plan your way through’, which discussed a number of the current COVID-19 impacts on organisations and some strategies to help you deal with these impacts and begin planning a roadmap to your new normal. At the time we were desperate to get the paper out as quickly as possible, trying to beat the curve and ensure we were able to provide useful and timely information for anyone who needed help trying to restart normal operations.

Interestingly though, since we published the paper, for many parts of the world, and the Middle East in particular, it doesn’t feel like much has really changed. There have been a few ebbs and flows along the way and some changes in restrictions have been applied in various countries, but in general it feels like many organisations have now settled in to a temporary new operating model and are very happy just to take a breath and not rush to change anything more just yet.

Don’t rush your next steps

There are certainly many positive reasons to encourage this approach: minimising any further expenditure for the year; allowing staff some sort of normality for a while to prevent more stress; presenting a stable environment to customers and stakeholders; and for most, it just gives time to wait and let the dust to settle a little, to ensure further time, effort and expense is not spent now on a resumption strategy that 3 months down the line, no longer makes sense due to the external political and economic changes still taking place.

As discussed in a recent blog ‘Balancing the security vs efficiency dilemma for your new normal’, this breathing time also provides an excellent opportunity to take stock of what has happened recently, and carry out some sort of ‘halftime’ action report to review any lessons learnt and actions taken and begin to think about where to go next, also horizon scanning for any upcoming risks that we should be prepared to deal with.

But don’t forget your key commitments

One very important risk that we should be looking out for at this time, and an operational activity that may well have taken a slightly back seat over the last few months is our regulatory compliance.

We are now in August and before we know it summer and then potentially the rest of the year will be over, putting some pressure on many compliance requirements taking place before the year end. Although we would like to think there may be some sympathy and flexibility shown by regulators in these difficult times, it is still essential that central banks and other regulatory bodies ensure that companies are operating safely and effectively, and therefore there must be some enforcement of existing regulations, for all our sakes.

In the case of many of our clients within the Middle East this will mean ensuring ongoing annual update and improvement activities are taking place within their IT and resilience programmes. Activities for example such as:

·       Updating resilience documentation such as the BIA reports or IT DR/BCP/Crisis Management plans

·       Ensuring staff are provided with up to date BCP and resilience awareness training

·       Carrying out an annual IT DR failover tests and CMT exercises

We know that with a number of other external pressures these items can become bottom of the priority list, but its vitally important they do not, not only to ensure conformity with regulatory requirements, but more importantly to ensure your resilience infrastructure and processes have been properly tested in the new business environment and are not found to be ineffective if called upon for real in these unpredictable times.

Time for a new approach

One major positive from all the recent change this year is that new operating models and recently altered perceptions on remote and outsourced working may just offer an opportunity to change some old methodologies. The new normal may allow you to look at more time and cost effective models for managing any of these regulatory requirements. Standby have developed a number of managed services to help our clients and partners manage your resilience and IT DR programmes, including online training activities for both staff awareness and other training requirements, as well as remote Crisis Management Team exercising.

Get in touch with one of the team today to see what services we can offer that will allow you the opportunity to continue to focus on more pressing issues, whilst still ensuring you stay on top of your regulatory commitments.

Balancing the security vs efficiency dilemma for your ‘new normal’

Many management and IT teams have done an amazing job over the last few months, completely changing their working environments to shift most, if not all, their staff ‘offsite’ in such a tight timeframe. A project completed in just a matter of weeks or months, which would usually be assigned many more months if not years to plan and carry out safely and effectively, is a great achievement, but at what cost?

Have we left major security gaps that can be exploited by hackers? Or have we locked our doors so tight, our staff are struggling to work effectively?

Finding the right balance between security and efficiency can be challenging, especially when under immense time pressures. Now the dust is beginning to settle, what can your organisation do to review and adjust your remote team connectivity to deliver on both levels?

Securing the remote environment

Cyber security has been a hot topic over the last few years due to the ever-increasing and high-profile attacks seen on numerous major and international organisations. The introduction of new or enhanced data protection laws such as the New Zealand Privacy Act, The EU GDPR and more recently within the Middle East, country regulations such as the Bahrain Personal Data Protection Law (PDPL), have only acted to enhance the focus on properly securing our systems and data.

We successfully locked our doors and secured ourselves, then Covid-19 came, forcing us out from behind our carefully built layers of security and into a more dynamic working landscape. We now need to work out how to safely open things back up again to allow our teams access to our data from outside our internal networks.

For a lot of our clients, remote working was already something on the agenda, and some had even set it up for key employees or senior management, but most had not finalised an effective strategy to roll out organisation wide on the scale that the current crisis has required.

Most IT departments have worked tirelessly over the last few months to implement their remote working strategies and in turn most organisations are now rightfully feeling very proud of themselves and the speed in which they have adapted their operating environment. But that does not mean the job is even close to done.

·       How many of these changes have been properly tested to ensure airtight security?

·       How long can you be comfortable just hoping no hacker notices the gaps before they can patch them up?

·       How many staff are using old laptops they had at home already which very likely have some sort of previous malware embedded somewhere?

·       How many staff are on home WIFI networks which may have been compromised a long time prior to the start of this pandemic?

·       How many staff or managers are reading or printing confidential company information and data in an unsecured environment which is open to visitors and potential prying eyes?

This is just the start of a very long list of security questions which may find serious compromises within your current infrastructure. My hope is that most IT teams will have already addressed most, if not all, of these obvious problems, but if you are not, then now is definitely time to clean up your systems; before someone else notices!

Balancing Security and Efficiency

Implementing secure remote access comes with its own set of usability problems: it can often take forever for a member of staff to get in to the system; layer after layer of passwords and links before even accessing emails. Or once you have logged in to your emails, you can’t just jump online to check something on Google, because your VPN is blocking access to anything else outside of your internal network. All of this creates a very secure environment, but not a particularly productive one.

That’s not to say there aren’t a number of good technical solutions out there that are able to allow both very tight security and also efficient ways to navigate through them, I just don’t know many organisations that been able to secure enough budget or had enough time to implement them yet.

How can you improve?

Before we accept anything as the ‘new normal’, or use any of our current practices as a roadmap for long term success, now is a critical time for an organisation to take a deep, long look at everything they have done recently and ask a few questions:

·       Are our systems and endpoints truly secure?

·       Are our people able to work within our systems as effectively as they were from the office?

·       Are our people truly happy with the current setup?

And if the answer to any of the above is no:

·       What can we do to make it better?

This may come across as all too easy, but the process of gathering the right information to answer these questions effectively should not be taken lightly. You will need to spend serious time and effort engaging the whole business and digging in to everything that has happened over the last few months, alongside any existing structures and procedures, and figuring out exactly how it will all best fit together going forward to ensure both organisational effectiveness and long term resilience.

If you would like help assessing you current environment or planning your next steps, then why not download our Free Standby Consulting Lessons Learnt questionnaire here or contact one of our team to discuss how else we may be able to help.

About Standby Consulting

Standby Consulting are specialists in organisational resilience based out of New Zealand and the Middle East with a presence in Bahrain, UAE and Saudi Arabia. With a wide range of experience across most business sectors, Standby is here to support your organisation in the development and implementation of your critical Business Continuity, Disaster Recovery and other resilience activities. We help our clients and partners by offering independent, honest, and experienced advice to ensure that all of your bespoke resilience needs can be met in a timely and cost-effective manner.

Kidnapped! - the catastrophic cost of ransomware

The changing working landscape has made businesses more vulnerable to ransomware attacks. The threat of cyber breach events is very real and, as more businesses are finding out, can come with catastrophic costs. 

Protection from Ransomware Attacks

Back on 17 March 2020 we published a blog warning about cyber security risks for businesses with people working from home. Unfortunately, this prediction has turned out to be true, with several reports over the last couple of months of Ransomware taking businesses “down”. There is a high probability that this ransomware software got through via an insecure personal computer from someone working at home, or a new remote connection which was implemented in haste, without enough time to carry out the stringent security checks and testing periods usually required before implementing any new channels or endpoints. 

What does Ransomware do when it gets in?

Ransomware can be a particularly devastating attack on computer systems. It is quite aggressive and, when well designed, it looks for a whole series of common file extensions and corrupts them all. The number of files it will look for and eventually encrypt can be close to 90 different types. Although not all of the files may be affected, enough will be encrypted, making it almost impossible to unencrypt and recover from. The software is designed so it quietly encrypts all the files it can find in the background before anyone notices. The first indication will likely be that an application will stop operating. If the computer is on a corporate network, it can work its way down the network to basically any computer it can find, even corrupting your backups if they are online. and then finally encrypting files listed on your desktop, which is often the first sign for many businesses that you have a major problem. By then, it is too late to do anything.

Can files be recovered without paying the ransom?

Recovering from this is extremely difficult. It can take days or weeks to work out how the files have been encrypted and then establish what the encryption key is. 

If you wish to recover using your backup files, one has to basically do what is known in the industry as a "cold steel” rebuild. That is, totally wipe all the data off your computers or servers and storage disks and then rebuild from a backup that does not have the Ransomware malware already on it.  Some versions of Ransomware can be on your computers for several days or weeks before it is activated, so going back to the latest backup may not work.

Now the problem with most corporate organisations these days is, the backups are normally on disk and these disks are online, so these also get corrupted. Similarly, for those organisations replicating backup data to a remote location, there is a high probability that the ransomware will make it through to those distant backups and corrupt them as well. 

It is at this point in a ransomware attack that your IT group go to a sickly shade of white, need to rush off to the bathroom, as they realise first that their online backups are useless and second it is going to take them a long time to restore your data. We’re talking weeks at the very least, which is something that most businesses cannot afford. 

If you do not have off-site/offline backups they may never be able to rebuild your data. 

Changes in the industry to fight ransomware crime

The software and hardware industries are not sitting on their hands, but are in fact are working hard to address the exposure to such attacks. The following are some of the solutions that are coming through:

Data Backup Software that recognises a Ransomware attack

For backup tapes, there are products that use Artificial Intelligence (AI) to detect attempts to encrypt files. The product maps your normal file encryption via AI and as soon as it detects an attack it disconnects from the network and then restores the damaged files. 

Replication of Data Protection

For replication there are now products that have inbuilt ransomware protection to stop the software getting to the remote location. This is a relatively new feature of some of the replication software and it would pay to check if the latest version you have provides ransomware protection.

Desktop Malware Protection

For home computers and also business protection, there are products that have inbuilt Ransomware and remediation of files built in. These are not the common malware protection products or the free products many choose to rely on. It will cost you a little more for the right protection but it is far cheaper than dealing with the costs to your business of an actual attack.

What can you do to increase your protection?

The most important action you can take right now is, take your backups offline after completion. If your business is using tape backups or USB disk backups, then you should have a policy of removing them off your system when the backup is finished. This creates what is known as an “air-gap” so that the malicious software cannot get to your backups. Make sure a part of those backups is the rebuild files for the hardware and operating systems. This can be a little old-school but it is better than nothing.

Other things you can do include:

  • Ensure your personnel are aware of the dangers of opening files and programmes that are from people they do not know. 

  • Ensure all devices your team are working from remotely are secure, with robust anti-virus software that includes firewalls and malware protection, and keep it up to date.

  • Have the connectivity path from your office systems to the remote location via secure VPN with Two Factor Authentication.

  • Review security for home internet connectivity; in particular, change the default password on the routers and other devices.

  • Ring-fence sensitive systems and data from extended network activity where possible.

  • Provide dedicated devices to remote team members instead of allowing access from home computers or other shared devices.

  • Block the use of USB ports on computers used for company use.

  • Step up or refresh team training around security protocols and best practice.

  • Get expert advice from a professional cyber security consultant

Establishing the risks and impact of a Major IT Outage

Organisations need to understand the level of risk and impact of a cyber-attack as with any other major IT outage. A cyber-attack can have the same disastrous impact as a major natural disaster – in fact, it can be more damaging as it takes out a business’ reputation along with its ability to function.   Cyber-attacks happen very fast and so organisations need to be prepared to be able to respond to them just as quickly. This includes having roles and response plans defined for key personnel, internal and external communication plans including media statements and scripts for call centres; and most importantly the response plan needs to be embedded and practised via cyber breach training exercises.

How can Standby Consulting help?

Standby Consulting are specialists in resilience. Our cyber security management offerings include cyber governance and breach response planning, as well as training and embedding exercises for staff at all levels. 

If a face to face tabletop exercise is not really possible in the current climate, then we offer an online facilitator-led Cyber Hacking Exercise. You and other key members of your crisis response team can work together through a realistic cyber-attack, managing any impacts via a simulated virtual desktop where you can chat with each other and other stakeholders, check emails, track the market impacts, make critical decisions and more. Bring your key people together to develop both your skills and processes for managing a cyber breach.  

Contact us for more information about our online cyber response exercise and other cyber security management offerings.

Pandemic Planning – what you need to know to be prepared

Within 24 hours of it becoming public that the Corona Virus pandemic has moved out of China and into Iran and Italy, Standby Consulting received requests from our clients to produce a specific pandemic plan to deal with an outbreak of Covid-19 at their location.

In a “normal” disaster situation, one gets the key players in a room and you work through the event and the solutions and impacts. With a pandemic it is quite different – where group meetings and gatherings are not recommended and special processes for personnel and visitors need to be part of your plan.

For many years the health officials have been telling us to be prepared for a pandemic. As per usual most ignored this warning, but pandemic plans have been one of the scenarios that Standby builds into our clients’ Business Continuity Plans. 

I am pleased to say that from the time the initial calls came about Covid-19, we had produced a plan that met the clients’ needs and sent it to them by the following day. 

We achieved this by using the time zone differences between the locations we operate in; where when one group was sleeping the other group was working on the plan. Also, because our personnel were in different countries, we were able to tap into material from multiple locations. 

One of the challenges with the current event has been to obtain good factual medical information. The information being reported by the various news media was often headline-grabbing with minimal research. Luckily the two base countries we operate in – Bahrain and New Zealand – have been putting out quality information from their ministries of health. 

The importance of Workplace Recovery Sites

Additional challenges to those clients who operate 24 hours a day 365 days a year from a centralised site across several countries was having to consider; “what will happen if our offices are infected and we are closed down by the health authorities?”. Most Business Continuity Plans cover outages of a few days, but for 14 days, such a major outage is a serious event which could cripple an organisation. This is why, with our clients, we focus on having good Workplace Recovery Sites, where people can relocate to work isolated from the main office. We have this in place now with our key clients. 

The incident described occurred in Bahrain where there has been a significant number of infections. Without the inclusion of a workplace recovery site in their plan, operations would have been forced to cease until the local authorities lifted the quarantine. 

For those businesses in New Zealand, you need to think about these issues and plan for a close-down of your operations for 10 days. 

Diversification of supply chain and client base

This event has also highlighted to me a major concern I have had for many years, particularly for manufacturing and other businesses that rely heavily on imports to produce their goods, and that is the danger of “putting all your eggs in one basket”. So many companies seem to be dependent on one country or one location for their key manufacturing or their client base. This is not a good approach and hopefully, people learn from the experience. These risks are the sort of things that need to be identified when preparing your own Business Continuity Plan and you need to have alternatives, or a plan to diversify your supply chain and your source of income. 

Equally if your organisation is a supplier, do not be surprised if your clients start asking to see your plan to deal with a pandemic or event that could impact your services to them. Be warned, be prepared, as Standby is seeing these requests coming in from large international organisations.   

Sam Mulholland is a business continuity consultant and disaster recovery planning specialist. Sam can be contacted through the Standby Consulting New Zealand and Middle East offices should you wish to introduce Pandemic Planning into your Business Continuity Plan.

Working from Home – remote logins a soft target for hackers

With the current Covid-19 pandemic, many organisations are saying there are going to send their staff home and have them work from there. This is a pretty standard response to many Business Continuity Situations. There are some considerations to make around how staff members access your internal network from the outside.

An enforced isolation period will be simpler to manage for the current proportion of employees who have a role that sees them often work from home already, as they will have the processes in place. For others, the adjustment will be more challenging, but the technology we have today makes keeping teams connected and collaborations across locations far more accessible.

However, there is an important factor that cannot be overlooked. These people already working from home are likely to be using a Secure Virtual Private Network (S-VPN) into their worksite. VPNs have security profile tokens installed in them so only those authorised can gain access. 

Not every business will need this level of security, but there are some basics that need to be observed.

The risk of malware on personal computers to access corporate systems

If the remote worker is going to use their home PC, this can create risk of exposure. The dangers of risk are quite considerable, as one does not know what websites they or other members of the family have been to, what malware has been sneaked onto their machine. This type of Malware is just waiting for someone to sign into a corporate site and it will quickly load down its bad code into the corporate and start to trap passwords, sign-ins and other confidential information. 

Home PCs most probably will not have up-to-date or quality virus checkers on them. I have often spoken to home users who tell me they are using a “free” virus checker or do not update their virus checker because it costs money. This is a dangerous practice and one has to ask how much resources these suppliers of free virus checkers are putting into their product or is there an alternative motive – such as putting in their own malware onto the machine.

Keeping sensitive files away from prying eyes

If you do let staff members work from home, make sure they observe your company’s IT security protocols and procedures and do not let their children sign in and play with the machine. Keep any private company material away from small eyes who may talk about what they have seen at school the next day.

Home WiFi a point of weakness

The other thing to be wary of if people are working from home is the security of their Wi-Fi systems. So many people do not change the default Administrator Password on their WI-FI router when it is installed. If your provider does change it, they often do something quite simple and silly, like change it to your telco account number or street number, etc. The bad guys know this and will try and hack their way through your wi-fi router. Once they get in, they then have access to all the equipment on your network, not only your PC and Laptops, but your smart TV, CCTV and other “Internet of Things”. Again, once a route in is established, when your employee is accessing your company systems it is a back door into your systems. 

Two-factor authentication not a guarantee for cyber-security

Just to increase your lack of sleep, two-factor sign-in is not as secure as you think. There is malware on the market now that sits between corporate websites such as Outlook Web, and forwards the two-factor sign-on in realtime to the attacker. This hacking method was identified as a real and significant threat in 2019.

There is also a vulnerability in some telco systems that allow the attacker to intercept SMS from your two-factor sign-in. This attacking system has been noted since 2017 and shows how insecure SMS verification can be when compared with hardware and application keys.

What are the solutions?

By all means, send people home to work but just make sure they are clearly informed of the rules they need to follow to keep your organisation safe from breaches to your security through careless mistakes.

Ask some simple questions around their existing set-up to identify any gaps, and lay down the ground rules for best practices.

There may be other measures you can take internally, depending on how your network is set up. From your position, it is imperative you discuss the risks with your IT security people or your IT Provider before you implement any social isolation of team members.

Sam Mulholland is a business continuity consultant and disaster recovery planning specialist. Sam can be contacted through the Standby Consulting New Zealand and Middle East offices should you wish to know more about Cyber Security and Pandemic Planning for your organisation.