News Local Coronavirus: Cyprus' cyber-security entity shares guidelines for working remotely (infographics)

Coronavirus: Cyprus’ cyber-security entity shares guidelines for working remotely (infographics)

In response to increased requests from companies to their employees to work from home brought about by the Covid-19 outbreak, Cyprus’ national Computer Security Incident Response Team (CSIRT) issued on Friday its guidelines on how to do so safely, as remote work entails some security threats especially for people who are not accustomed to working outside the office.

Here are some guidelines on how you can work more safely at home and ALWAYS through your office computer (NOT personal devices such as mobile phones, laptops, etc.).

1. Security Policy
Each organisation must have a security policy that fully defines the process of remote access to the organisation, at the responsibility of the administrator.

2. Proper location selection
Choose your workspace taking into account not only comfort but also the safety that it provides:

  • Choose a site that gives you as much confidentiality as you need for your work. If you work from home it can be easier than working in a cafeteria or library. Select a place where other people cannot see the screen of the device you are using. We recommend installing a Privacy Film.
  • If you use videoconferencing make sure that the platform you are using is secure and that other people around you are not watching your videoconference.
  • Do not allow your family members to use your work devices. If you must leave your device, lock your device to prevent others from accessing it.
  • Use only encrypted Wi-Fi to connect to the Internet. If you work from home, make sure your home’s Wi-Fi network uses the latest updated security settings.
  • If you want to access servers or tools hosted at your organisation’s premises, use VPN (Virtual Private Network) to connect to your organisation’s network. VPN creates an encrypted tunnel for the flow of traffic on your network and makes it difficult for others to steal the data that is exchanged during the transfer.

3. Data security
There are some customisations you can apply to your devices to reduce the data that attackers can access or if your device is stolen.

  • Use strong authentication to access your device, such as Windows Hello, or a PIN or face recognition, if your device supports it.
  • Use Two-Factor Authentication (2FA) to access any cloud-based tools. 2FA uses two “agents”, such as a password and a PIN that will be sent to your mobile device, or a PIN and a face scan or fingerprint to verify your identity (if supported by the device)
  • Now is the time to think about your passwords. If you use simple passwords, this is the time to upgrade them to safer passwords.
    Password Selection Guidelines:
    -10 characters minimum
    -At least one number
    -At least one special character )[email protected]#$%^&*(
    -At least one capital letter
  • Make sure local drive encryption, such as BitLocker, is enabled. This way, if your device gets lost or stolen, it will be difficult to access local data.
  • Make sure your device is up-to-date with all security updates and that you have a malware protection program, such as Windows Defender, that is actively running.

4. Open communication with the organisation

  • Stay in touch with your organisation while working remotely. The IT department can provide instructions or make new security tools available to you. If you suspect that your device or data has been tampered with in any way, alert those designated by your organisation so they can investigate the situation and take action to prevent further damage.
  • Now, more than ever, resist the temptation to use unauthorised tools or store data outside your organisation’s guidelines. If you need a tool that you do not have to get your job done, contact the managers designated by your organisation. It is quite possible that you will discover systems that do not work as you would expect when you are in the office. Now is the time to let those in charge of your organisation know before you take action.
  • Be alert for phishing emails. Malicious users try to exploit fear and uncertainty by sending emails that appear to come from known authorities or executives in an attempt to entice you to click on malicious links or to transmit your personal information. Never open attachments that you didn’t expect to receive, even if they appear to come from someone you know. It is always advisable to check with the person who sent you the file to verify its validity.
  • Suggested tools for checking web pages and files:

UrlScan – https://csirt.cy/tooling/#urlscan

VirusTotal – https://csirt.cy/tooling/#virustotal

HaveIbeenPwned – https://csirt.cy/tooling/#haveibeenpwned

DomainTools – https://csirt.cy/tooling/#whois-domaintools

BitLocker – https://csirt.cy/tooling/#bitlocker

  • Remote users should not have administrator privileges.
  • Turning off all USB ports used by users is not only necessary for device security, but also an essential prerequisite for safe infrastructure operation.

Read more:

https://in-cyprus.com/coronavirus-moh-launches-new-call-centre-for-information/

Top Stories

FM Christodoulides in self-isolation following confirmed case of close associate

  Foreign minister Nicos Christodoulides has become the fourth minister to go into covid self-isolation, following a confirmed case among his close associates. Christodoulides went into...

Concern over rise of covid hospital cases to 38, four critical-new infections over 100

  The Health Ministry today announced 113 new COVID-19 cases, out of 3,112 diagnostic tests, taking confirmed infections to 3,930. The health ministry has expressed concern...

Germany to go into circuit-break lockdown as virus cases surge

  Germany will impose an emergency month-long lockdown that includes the closure of restaurants, gyms and theatres to reverse a spike in coronavirus cases that...

1547-Highest ever number of new covid cases in Greece-deaths on the rise

  Greece recorded one thousand five hundred and forty seven new coronavirus  cases over the past 24 hours, the highest ever number since the start...

Huge 8500 euro fine for unmarked tobacco products

  A twenty nine year old was fined 8 and a half thousand euro for unmarked tobacco products that were discovered by police at his...

Taste

Squash soup

Ingredients: 1 kg pumpkin, cut into small cubes, approximately 5 cups 2 medium (400g) sweet potatoes, cut into cubes, approximately 2 ½ cups 1 chopped leek, only...

Mezedes

No visit to Cyprus is complete without enjoying the traditional meal of many small dishes known as ‘meze’. This large feast, which has been a...

Prawns with fried cheese, barley shaped pasta

Put the barley shaped pasta into a small pan with salted water, bring to a boil and when tender, drain. Peal the prawns leaving...

Salmon and shrimp sheftalies

Mix all ingredients for tabbouli in a bowl and keep to one side so flavours can combine. Prepare the sheftalies: wash and soak the casing...