The UK has two bank holidays in May, on the sixth and 27th. Will that mean quieter times for business – travel away from the office, working from home and using shared networks and unknown WIFI hotspots. Such activity increases the risk of cybercriminals gaining access to the business network, and valuable information and assets, warns Karl Barton, Senior Director, International Channels and Alliances at SecureAuth, an identity and access management product company.
Best practice tips on how enterprises can dramatically reduce the risk of becoming a target:
Apply adaptive authentication at the login phase. Addressing security at the identity level can help prevent an attacker from using stolen login credentials. Two-factor authentication is a start, but layering techniques such as geographic location analysis, device recognition, IP address-based threat services, and phone number fraud prevention can stop a bad actor from getting in the front door. This analysis is largely performed in the background, allowing corporations to render stolen credentials useless without negatively impacting the user experience.
Avoid visiting any sites that contain highly sensitive data, while away from a secure network. Unless it’s an emergency, accessing sensitive data should wait until a private and more secure network can be accessed. If travelling for work, employees should only visit websites or use applications that employ encryption. For websites, the web address should start with “https://”, demonstrating a secure connection. Most networks will show a green or grey lock icon next to the URL on sites with valid certificates. Any alerts around a website’s certificate are a red flag.
Never connect to an unknown Wi-Fi hotspot. If in doubt, users can ask a staff member at the information desk which Wi-Fi hotspot is the correct one to use. If users must connect to a public Wi-Fi network, ensure that two-factor authentication is enabled for application and website logins where applicable.
Choose to rely on mobile phone networks for data usage. If possible, simply disable the Wi-Fi and Bluetooth transceivers and opt for mobile networks for data instead. Mobile networks are not impervious to attacks but are far more secure than a public Wi-Fi network.
Karl Barton adds: “Businesses should be proactive about protecting valuable data, especially when remote working is a key facet of the modern workplace. Implementing comprehensive remote working security policies will ensure businesses don’t suffer from the increased agility that is often implemented to drive growth and efficiencies. Once equipped to take precautions, they can be the vanguard helping to maintain the organisation’s security posture.”
