News Local Coronavirus: Cyprus' cyber-security entity shares guidelines for working remotely (infographics)

Coronavirus: Cyprus’ cyber-security entity shares guidelines for working remotely (infographics)

In response to increased requests from companies to their employees to work from home brought about by the Covid-19 outbreak, Cyprus’ national Computer Security Incident Response Team (CSIRT) issued on Friday its guidelines on how to do so safely, as remote work entails some security threats especially for people who are not accustomed to working outside the office.

Here are some guidelines on how you can work more safely at home and ALWAYS through your office computer (NOT personal devices such as mobile phones, laptops, etc.).

1. Security Policy
Each organisation must have a security policy that fully defines the process of remote access to the organisation, at the responsibility of the administrator.

2. Proper location selection
Choose your workspace taking into account not only comfort but also the safety that it provides:

  • Choose a site that gives you as much confidentiality as you need for your work. If you work from home it can be easier than working in a cafeteria or library. Select a place where other people cannot see the screen of the device you are using. We recommend installing a Privacy Film.
  • If you use videoconferencing make sure that the platform you are using is secure and that other people around you are not watching your videoconference.
  • Do not allow your family members to use your work devices. If you must leave your device, lock your device to prevent others from accessing it.
  • Use only encrypted Wi-Fi to connect to the Internet. If you work from home, make sure your home’s Wi-Fi network uses the latest updated security settings.
  • If you want to access servers or tools hosted at your organisation’s premises, use VPN (Virtual Private Network) to connect to your organisation’s network. VPN creates an encrypted tunnel for the flow of traffic on your network and makes it difficult for others to steal the data that is exchanged during the transfer.

3. Data security
There are some customisations you can apply to your devices to reduce the data that attackers can access or if your device is stolen.

  • Use strong authentication to access your device, such as Windows Hello, or a PIN or face recognition, if your device supports it.
  • Use Two-Factor Authentication (2FA) to access any cloud-based tools. 2FA uses two “agents”, such as a password and a PIN that will be sent to your mobile device, or a PIN and a face scan or fingerprint to verify your identity (if supported by the device)
  • Now is the time to think about your passwords. If you use simple passwords, this is the time to upgrade them to safer passwords.
    Password Selection Guidelines:
    -10 characters minimum
    -At least one number
    -At least one special character )[email protected]#$%^&*(
    -At least one capital letter
  • Make sure local drive encryption, such as BitLocker, is enabled. This way, if your device gets lost or stolen, it will be difficult to access local data.
  • Make sure your device is up-to-date with all security updates and that you have a malware protection program, such as Windows Defender, that is actively running.

4. Open communication with the organisation

  • Stay in touch with your organisation while working remotely. The IT department can provide instructions or make new security tools available to you. If you suspect that your device or data has been tampered with in any way, alert those designated by your organisation so they can investigate the situation and take action to prevent further damage.
  • Now, more than ever, resist the temptation to use unauthorised tools or store data outside your organisation’s guidelines. If you need a tool that you do not have to get your job done, contact the managers designated by your organisation. It is quite possible that you will discover systems that do not work as you would expect when you are in the office. Now is the time to let those in charge of your organisation know before you take action.
  • Be alert for phishing emails. Malicious users try to exploit fear and uncertainty by sending emails that appear to come from known authorities or executives in an attempt to entice you to click on malicious links or to transmit your personal information. Never open attachments that you didn’t expect to receive, even if they appear to come from someone you know. It is always advisable to check with the person who sent you the file to verify its validity.
  • Suggested tools for checking web pages and files:

UrlScan – https://csirt.cy/tooling/#urlscan

VirusTotal – https://csirt.cy/tooling/#virustotal

HaveIbeenPwned – https://csirt.cy/tooling/#haveibeenpwned

DomainTools – https://csirt.cy/tooling/#whois-domaintools

BitLocker – https://csirt.cy/tooling/#bitlocker

  • Remote users should not have administrator privileges.
  • Turning off all USB ports used by users is not only necessary for device security, but also an essential prerequisite for safe infrastructure operation.

Read more:

https://in-cyprus.com/coronavirus-moh-launches-new-call-centre-for-information/

Top Stories

Three covid deaths in Cyprus, new cases drop further to 157 but fewer tests

  Cyprus recorded three covid deaths over the past 24 hours, raising the number to 170,  113 men and 57 women, with an average age...

Thousands protest in Amsterdam against Dutch coronavirus lockdown

  Several thousand today people held an unauthorised protest in Amsterdam against a national lockdown to slow the spread of the coronavirus pandemic, before being...

Search and rescue crews looking for woman off Larnaca

  The Search and Rescue Coordination Centre in Larnaca received a call around four in the afternoon about a 70 year old woman missing off...

Rapid Test locations on Monday Jan 18

Here are the rapid test locations for Monday January 18 Limassol Apostolos Loukas church, Ayios Athanasios (Ayios Athanasios refugee settlement) 8.30-4.30 Ayios Stylianos church, Linopetra 8.30-4.30 Mesa Yeitonia Cultural Centre...

German FM says COVID curbs should be eased for vaccinated people

  People who have been vaccinated against COVID-19 should be allowed to go to restaurants and cinemas earlier than others, a German minister said, contradicting...

Taste

Squash soup

Ingredients: 1 kg pumpkin, cut into small cubes, approximately 5 cups 2 medium (400g) sweet potatoes, cut into cubes, approximately 2 ½ cups 1 chopped leek, only...

Mezedes

No visit to Cyprus is complete without enjoying the traditional meal of many small dishes known as ‘meze’. This large feast, which has been a...

Prawns with fried cheese, barley shaped pasta

Put the barley shaped pasta into a small pan with salted water, bring to a boil and when tender, drain. Peal the prawns leaving...

Salmon and shrimp sheftalies

Mix all ingredients for tabbouli in a bowl and keep to one side so flavours can combine. Prepare the sheftalies: wash and soak the casing...