If many of these threats sound familiar, that’s the “good” news. The other news: Your threat surface has likely expanded exponentially, and you need to act accordingly by narrowing limiting your risks as much as possible.
“As services that have not been traditionally available externally are enabled for remote access, it’s important to keep the attack surface as narrow as possible,” Jack Mannino, CEO, nVisium.
Multi-factor authentication is table stakes, and Mannino advises some other key steps for narrowing your exposure in this new paradigm, too.
“Ensure that all remotely accessible services require multi-factor authentication, whether that’s for VPN access, email access, or applications and web services,” Mannino says. “Ensure that all physical assets (laptops, mobile devices) assigned to employees are full-disk encrypted and protected at the hardware level through firmware security and Trusted Platform Modules (TPMs). With more devices in motion and in transit, the likelihood of loss through theft or misplaced devices increases, especially in logistically challenging times as we’re living in.”