News Local Coronavirus: Cyprus' cyber-security entity shares guidelines for working remotely (infographics)

Coronavirus: Cyprus’ cyber-security entity shares guidelines for working remotely (infographics)

In response to increased requests from companies to their employees to work from home brought about by the Covid-19 outbreak, Cyprus’ national Computer Security Incident Response Team (CSIRT) issued on Friday its guidelines on how to do so safely, as remote work entails some security threats especially for people who are not accustomed to working outside the office.

Here are some guidelines on how you can work more safely at home and ALWAYS through your office computer (NOT personal devices such as mobile phones, laptops, etc.).

1. Security Policy
Each organisation must have a security policy that fully defines the process of remote access to the organisation, at the responsibility of the administrator.

2. Proper location selection
Choose your workspace taking into account not only comfort but also the safety that it provides:

  • Choose a site that gives you as much confidentiality as you need for your work. If you work from home it can be easier than working in a cafeteria or library. Select a place where other people cannot see the screen of the device you are using. We recommend installing a Privacy Film.
  • If you use videoconferencing make sure that the platform you are using is secure and that other people around you are not watching your videoconference.
  • Do not allow your family members to use your work devices. If you must leave your device, lock your device to prevent others from accessing it.
  • Use only encrypted Wi-Fi to connect to the Internet. If you work from home, make sure your home’s Wi-Fi network uses the latest updated security settings.
  • If you want to access servers or tools hosted at your organisation’s premises, use VPN (Virtual Private Network) to connect to your organisation’s network. VPN creates an encrypted tunnel for the flow of traffic on your network and makes it difficult for others to steal the data that is exchanged during the transfer.

3. Data security
There are some customisations you can apply to your devices to reduce the data that attackers can access or if your device is stolen.

  • Use strong authentication to access your device, such as Windows Hello, or a PIN or face recognition, if your device supports it.
  • Use Two-Factor Authentication (2FA) to access any cloud-based tools. 2FA uses two “agents”, such as a password and a PIN that will be sent to your mobile device, or a PIN and a face scan or fingerprint to verify your identity (if supported by the device)
  • Now is the time to think about your passwords. If you use simple passwords, this is the time to upgrade them to safer passwords.
    Password Selection Guidelines:
    -10 characters minimum
    -At least one number
    -At least one special character )[email protected]#$%^&*(
    -At least one capital letter
  • Make sure local drive encryption, such as BitLocker, is enabled. This way, if your device gets lost or stolen, it will be difficult to access local data.
  • Make sure your device is up-to-date with all security updates and that you have a malware protection program, such as Windows Defender, that is actively running.

4. Open communication with the organisation

  • Stay in touch with your organisation while working remotely. The IT department can provide instructions or make new security tools available to you. If you suspect that your device or data has been tampered with in any way, alert those designated by your organisation so they can investigate the situation and take action to prevent further damage.
  • Now, more than ever, resist the temptation to use unauthorised tools or store data outside your organisation’s guidelines. If you need a tool that you do not have to get your job done, contact the managers designated by your organisation. It is quite possible that you will discover systems that do not work as you would expect when you are in the office. Now is the time to let those in charge of your organisation know before you take action.
  • Be alert for phishing emails. Malicious users try to exploit fear and uncertainty by sending emails that appear to come from known authorities or executives in an attempt to entice you to click on malicious links or to transmit your personal information. Never open attachments that you didn’t expect to receive, even if they appear to come from someone you know. It is always advisable to check with the person who sent you the file to verify its validity.
  • Suggested tools for checking web pages and files:

UrlScan – https://csirt.cy/tooling/#urlscan

VirusTotal – https://csirt.cy/tooling/#virustotal

HaveIbeenPwned – https://csirt.cy/tooling/#haveibeenpwned

DomainTools – https://csirt.cy/tooling/#whois-domaintools

BitLocker – https://csirt.cy/tooling/#bitlocker

  • Remote users should not have administrator privileges.
  • Turning off all USB ports used by users is not only necessary for device security, but also an essential prerequisite for safe infrastructure operation.

Read more:

https://in-cyprus.com/coronavirus-moh-launches-new-call-centre-for-information/

Top Stories

Fifteen new corona virus cases detected out of 3,132 tests

According to the Epidemiological Surveillance Unit of the Ministry of Health 15 new cases of the SARS-CoV-II virus were detected out of a total...

Fifty Cypriots interested to be repatriated, Cyprus sends rescue teams – medical supplies to Lebanon

Cyprus Foreign Affairs Minister Nikos Christodoulides has said that 50 Cypriot nationals have shown interest for repatriation from Lebanon until 14:00 local Cyprus time,...

Unemployed people in Cyprus record monthly drop, annual increase this July

Unemployed people registered at the District Labour Offices on the last day of July 2020, reached 32,313 persons, according to a press release issued...

Cypriot Mission’s departure to Beirut (Videos & Images)

Two police helicopters, with a five-member team of the Catastrophe Response Special Unit and members of the Motorised Rapid Action Unit, as well as...

Greek and Qatari planes supply aid to Beirut after massive explosion

The European Union, Turkey and Gulf states are among those offering assistance to Lebanon following an explosion at a warehouse in Beirut that killed...

Taste

Octopus ‘Kathisto’ (or Octopus braised in Wine)

Ingredients: 1/2 cup Greek extra virgin olive oil 2 medium onions, chopped fine 1 large octopus, about 2kg (cleaned and kept whole) 3/4 cup dry red wine 1/3 cup...

Homemade lemonade

Ingredients: 1 cup lemon juice 1 cup sugar Method: Thoroughly wash the lemons with soap and warm water. Roll each lemon with the palm of your hand, pressing...

‘Striftaria’ mini cheese pies

Ingredients 1 ½ cup milk 2 tbsps. flour 4 tsps. of butter 3 eggs, slightly beaten + 1 extra with 1 tbs. of milk for spreading 1 pack of...

Mini potato canapes baked on salt

Ingredients Serves: 12 1kg small Cypriot potatoes rock salt, as needed 250g salted butter 300ml full fat cremé frâiche 1 pot cod or salmon roe Method Prep:20min › Cook:35min › Ready in:55min Take...