Get smarter, faster. Subscribe to our daily newsletter.
Aspects of cybersecurity not to overlook when working from home
Just because your team has gone remote doesn't mean you need to be vulnerable to hacks, breaches, and scams.
- Prior to the COVID-19 outbreak, many enterprises had yet to contemplate a mass work-from-home scenario and were therefore unprepared to support it securely.
- There are practical steps you can take to safeguard confidentiality and cybersecurity with a WFH workforce.
- Applying best security practices to test for vulnerabilities, supervise access controls and password management, secure connections, and apply endpoint encryption can go a long way.
Due to the novel coronavirus situation, billions of people are currently working remotely, many for the first time in their lives. It could be out of personal fears of infection, in obedience of local social distancing regulations, or in accordance with company-wide policies, but the end result is an unexpected shift from the norm of working in the office to working from home (WFH).
Managing a workforce that has been suddenly transformed into a remote one is challenging on many levels, not least because of the need to maintain cybersecurity standards. Prior to the COVID-19 outbreak, many enterprises had yet to contemplate a mass work-from-home scenario, and they therefore lack the policies, devices, or processes to support it securely.
What's more, in recent weeks, companies have been scrambling to preserve their security profiles in the face of an uptick in malicious actors seizing the opportunity to hack corporate systems. That's the bad news. The good news is that you're not powerless. There are practical steps you can take to safeguard confidentiality and cybersecurity with a WFH workforce.
Here are a few of the basics.
1. Set up a VPN for your employees.
A VPN (Virtual Private Network) is the first and most obvious way to secure your organization when employees are logging in from home. When people work from home, they use public internet or weakly-secured WiFi connections to access confidential data in your central database. They also share sensitive files, offering a golden opportunity for hackers to intercept data mid-stream.
A VPN uses strong encryption to create a "tunnel" for any interactions between your employees, and between your employees and your secure corporate network.
Atlas VPN, one of the biggest VPN providers, reports that VPN use has surged in areas with high numbers of coronavirus cases, such as Italy and Spain.
2. Be proactive about testing.
Ignorance can be your biggest danger. If you're used to dealing with a secure internal network, you won't always know where your vulnerabilities and weaknesses lie when it comes to remote access.
This kind of blindness can lead quickly to data breaches that you might not even be aware of until months after the event.
To resolve this issue, use tools like Cymulate's breach and attack simulation platform, which runs simulated attacks across remote connections to assess your cybersecurity risk levels. This can help you determine the extent to which your settings, defenses, policies, and processes are effective, and where you need to make changes in order to maintain a secure organization.
3. Train (and retrain) to minimize human error.
Employees are vital to your success, but they can also cause your downfall. According to security experts at Kaspersky, 52 percent of businesses acknowledge that human error is their biggest security weakness. What's more, some 46 percent of cybersecurity incidents in 2019 were at least partially caused by careless employees.
Employees can cause data breaches in multiple ways, like failing to use a secure connection to download confidential data, forgetting to lock their screens when working in a public place, or falling for phishing emails that install malware on their devices. In addition, your employees might be the first to know about a security breach but choose to hide it out of fear of repercussions, making a bad situation worse.
It's vital to invest time and energy in employee training to ensure that everybody knows how to reduce the risk of successful hacking attacks and is not afraid to report security incidents as soon as they occur. Frequent reminders, online refresher courses, and pop-up prompts help employees take security seriously.
4. Be strict about access control.
Access controls are a vital layer of security around your network. Losing track of who can access which platforms, data and tools means losing control of your security, and that can be disastrous.
Even in "normal" times, 70 percent of enterprises overlook issues surrounding privileged user accounts, which form unseen entrances to your organization. As the WFH situation drags on, it's even more likely that access controls will lag, opening up holes in your perimeter.
In response, use role-based access control (RBAC) to allow access to specific users based on their responsibilities and authority levels in the organization. By monitoring and strategically restricting access controls, you can further reduce the risk that human error might undermine your careful cybersecurity arrangements.
5. Use endpoint encryption on devices and apps.
Because most companies were not yet set up for remote work when the COVID-19 crisis hit, the lion's share of devices used to connect from new home offices are not owned or configured by employers.
And with employees more likely to use their own computers when working from home, endpoint attacks become even more serious. SentinelOne, an endpoint security platform, reported a 433 percent rise in endpoint attacks from late February to mid-March.
Although it can seem difficult to secure endpoints when employees are working remotely, it is possible. SentryBay's endpoint application encryption solution takes a different approach, securing apps in their own "wrappers," as opposed to working on a device security level.
6. Apply multi-factor authentication and strong passwords.
Finally, weak passwords are a known gift for hackers. The problem only grows when employees work from home, as the contextual shift makes it easier for them to ignore reminders from your security team. They are also more likely to share or save credentials for faster remote access when it takes time to get a response from a newly remote security team.
If you don't already use a password manager to force employees to generate strong passwords and avoid sharing or saving credentials, now is the time to begin. CyberArk Enterprise Password Vault requires users to update passwords regularly, enforces multi-factor authentication (MFA) to reduce the chances of hackers entering your network through stolen passwords, and provides auditing and control features so you can track when someone uses or misuses an account.
WFH doesn’t have to undermine network security
With enterprises unprepared for mass remote working, industries worldwide could face a security nightmare. However, applying best security practices and using advanced tools to test for vulnerabilities, supervise access controls and password management, secure connections, and apply endpoint encryption can go a long way.
Make sure your employees know your security policies will help harden your attack surface, improve your cybersecurity posture, and prevent COVID-19 from causing a cybersecurity plague.
- Popular internet scams to watch out for in 2020 - Big Think ›
- SYFER: Complete Cybersecurity VPN Router | StackSocial ›
- Interview: The big challenges for work in the COVID-19 pandemic ... ›
- Glassdoor lists the highest-rated CEOs during COVID - Big Think ›
- How cybercrime has evolved since the pandemic hit - Big Think ›
- How cybercrime has evolved since the pandemic hit - Big Think ›
- How cybercrime has evolved since the pandemic hit - Big Think ›
The COVID-19 pandemic is making health disparities in the United States crystal clear. It is a clarion call for health care systems to double their efforts in vulnerable communities.
- The COVID-19 pandemic has exacerbated America's health disparities, widening the divide between the haves and have nots.
- Studies show disparities in wealth, race, and online access have disproportionately harmed underserved U.S. communities during the pandemic.
- To begin curing this social aliment, health systems like Northwell Health are establishing relationships of trust in these communities so that the post-COVID world looks different than the pre-COVID one.
COVID-19 deepens U.S. health disparities<p>Communities on the pernicious side of America's health disparities have their unique histories, environments, and social structures. They are spread across the United States, but they all have one thing in common.</p><p>"There is one common divide in American communities, and that is poverty," said <a href="https://www.northwell.edu/about/leadership/debbie-salas-lopez" target="_blank">Debbie Salas-Lopez, MD, MPH</a>, senior vice president of community and population health at Northwell Health. "That is the undercurrent that manifests poor health, poor health outcomes, or poor health prognoses for future wellbeing."</p><p>Social determinants have far-reaching effects on health, and poor communities have unfavorable social determinants. To pick one of many examples, <a href="https://www.npr.org/2020/09/27/913612554/a-crisis-within-a-crisis-food-insecurity-and-covid-19" target="_blank" rel="noopener noreferrer">food insecurity</a> reduces access to quality food, leading to poor health and communal endemics of chronic medical conditions. The U.S. Centers for Disease Control and Prevention has identified some of these conditions, such as obesity and Type 2 diabetes, as increasing the risk of developing a severe case of coronavirus.</p><p>The pandemic didn't create poverty or food insecurity, but it exacerbated both, and the results have been catastrophic. A study published this summer in the <em><a href="https://link.springer.com/article/10.1007/s11606-020-05971-3" target="_blank">Journal of General Internal Medicine</a></em> suggested that "social factors such as income inequality may explain why some parts of the USA are hit harder by the COVID-19 pandemic than others."</p><p>That's not to say better-off families in the U.S. weren't harmed. A <a href="https://voxeu.org/article/poverty-inequality-and-covid-19-us" target="_blank" rel="noopener noreferrer">paper from the Centre for Economic Policy Research</a> noted that families in counties with a higher median income experienced adjustment costs associated with the pandemic—for example, lowering income-earning interactions to align with social distancing policies. However, the paper found that the costs of social distancing were much greater for poorer families, who cannot easily alter their living circumstances, which often include more individuals living in one home and a reliance on mass transit to reach work and grocery stores. They are also disproportionately represented in essential jobs, such as retail, transportation, and health care, where maintaining physical distance can be all but impossible.</p><p>The paper also cited a positive correlation between higher income inequality and higher rates of coronavirus infection. "Our interpretation is that poorer people are less able to protect themselves, which leads them to different choices—they face a steeper trade-off between their health and their economic welfare in the context of the threats posed by COVID-19," the authors wrote.</p><p>"There are so many pandemics that this pandemic has exacerbated," Dr. Salas-Lopez noted.</p><p>One example is the health-wealth gap. The mental stressors of maintaining a low socioeconomic status, especially in the face of extreme affluence, can have a physically degrading impact on health. <a href="https://www.scientificamerican.com/index.cfm/_api/render/file/?method=inline&fileID=123ECD96-EF81-46F6-983D2AE9A45FA354" target="_blank" rel="noopener noreferrer">Writing on this gap</a>, Robert Sapolsky, professor of biology and neurology at Stanford University, notes that socioeconomic stressors can increase blood pressure, reduce insulin response, increase chronic inflammation, and impair the prefrontal cortex and other brain functions through anxiety, depression, and cognitive load. </p><p>"Thus, from the macro level of entire body systems to the micro level of individual chromosomes, poverty finds a way to produce wear and tear," Sapolsky writes. "It is outrageous that if children are born into the wrong family, they will be predisposed toward poor health by the time they start to learn the alphabet."</p>Research on the economic and mental health fallout of COVID-19 is showing two things: That unemployment is hitting <a href="https://www.pewsocialtrends.org/2020/09/24/economic-fallout-from-covid-19-continues-to-hit-lower-income-americans-the-hardest/" target="_blank" rel="noopener noreferrer">low-income and young Americans</a> most during the pandemic, potentially widening the health-wealth gap further; and that the pandemic not only exacerbates mental health stressors, but is doing so at clinically relevant levels. As <a href="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7413844/" target="_blank" rel="noopener noreferrer">the authors of one review</a> wrote, the pandemic's effects on mental health is itself an international public health priority.
Working to close the health gap<img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDc5MDk1MS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYxNTYyMzQzMn0.KSFpXH7yHYrfVPtfgcxZqAHHYzCnC2bFxwSrJqBbH4I/img.jpg?width=980" id="b40e2" class="rm-shortcode" data-rm-shortcode-id="1b9035370ab7b02a0dc00758e494412b" data-rm-shortcode-name="rebelmouse-image" />
Northwell Health coronavirus testing center at Greater Springfield Community Church.
Credit: Northwell Health<p>Novel coronavirus may spread and infect indiscriminately, but pre-existing conditions, environmental stressors, and a lack of access to care and resources increase the risk of infection. These social determinants make the pandemic more dangerous, and erode communities' and families' abilities to heal from health crises that pre-date the pandemic.</p><p>How do we eliminate these divides? Dr. Salas-Lopez says the first step is recognition. "We have to open our eyes to see the suffering around us," she said. "Northwell has not shied away from that."</p><p>"We are steadfast in improving health outcomes for our vulnerable and underrepresented communities that have suffered because of the prevalence of chronic disease, a problem that led to the disproportionately higher death rate among African-Americans and Latinos during the COVID-19 pandemic," said Michael Dowling, Northwell's president and CEO. "We are committed to using every tool at our disposal—as a provider of health care, employer, purchaser and investor—to combat disparities and ensure the <a href="https://www.northwell.edu/education-and-resources/community-engagement/center-for-equity-of-care" target="_blank" rel="noopener noreferrer">equity of care</a> that everyone deserves." </p><p>With the need recognized, Dr. Salas-Lopez calls for health care systems to travel upstream and be proactive in those hard-hit communities. This requires health care systems to play a strong role, but not a unilateral one. They must build <a href="https://www.northwell.edu/news/insights/faith-based-leaders-are-the-key-to-improving-community-health" target="_blank" rel="noopener noreferrer">partnerships with leaders in those communities</a> and utilize those to ensure relationships last beyond the current crisis. </p><p>"We must meet with community leaders and talk to them to get their perspective on what they believe the community needs are and should be for the future. Together, we can co-create a plan to measurably improve [community] health and also to be ready for whatever comes next," she said.</p><p>Northwell has built relationships with local faith-based and community organizations in underserved communities of color. Those partnerships enabled Northwell to test more than 65,000 people across the metro New York region. The health system also offered education on coronavirus and precautions to curb its spread.</p><p>These initiatives began the process of building trust—trust that Northwell has counted on to return to these communities to administer flu vaccines to prepare for what experts fear may be a difficult flu season.</p><p>While Northwell has begun building bridges across the divides of the New York area, much will still need to be done to cure U.S. health care overall. There is hope that the COVID pandemic will awaken us to the deep disparities in the US.</p><p>"COVID has changed our world. We have to seize this opportunity, this pandemic, this crisis to do better," Dr. Salas-Lopez said. "Provide better care. Provide better health. Be better partners. Be better community citizens. And treat each other with respect and dignity.</p><p>"We need to find ways to unify this country because we're all human beings. We're all created equal, and we believe that health is one of those important rights."</p>
With just a few strategical tweaks, the Nazis could have won one of World War II's most decisive battles.
- The Battle of Britain is widely recognized as one of the most significant battles that occurred during World War II. It marked the first major victory of the Allied forces and shifted the tide of the war.
- Historians, however, have long debated the deciding factor in the British victory and German defeat.
- A new mathematical model took into account numerous alternative tactics that the German's could have made and found that just two tweaks stood between them and victory over Britain.
Two strategic blunders<p>Now, historians and mathematicians from York St. John University have collaborated to produce <a href="http://www-users.york.ac.uk/~nm15/bootstrapBoB%20AAMS.docx" target="_blank">a statistical model (docx download)</a> capable of calculating what the likely outcomes of the Battle of Britain would have been had the circumstances been different. </p><p>Would the German war effort have fared better had they not bombed Britain at all? What if Hitler had begun his bombing campaign earlier, even by just a few weeks? What if they had focused their targets on RAF airfields for the entire course of the battle? Using a statistical technique called weighted bootstrapping, the researchers studied these and other alternatives.</p><p>"The weighted bootstrap technique allowed us to model alternative campaigns in which the Luftwaffe prolongs or contracts the different phases of the battle and varies its targets," said co-author Dr. Jaime Wood in a <a href="https://www.york.ac.uk/news-and-events/news/2020/research/mathematicians-battle-britain-what-if-scenarios/" target="_blank">statement</a>. Based on the different strategic decisions that the German forces could have made, the researchers' model enabled them to predict the likelihood that the events of a given day of fighting would or would not occur.</p><p>"The Luftwaffe would only have been able to make the necessary bases in France available to launch an air attack on Britain in June at the earliest, so our alternative campaign brings forward the air campaign by three weeks," continued Wood. "We tested the impact of this and the other counterfactuals by varying the probabilities with which we choose individual days."</p><p>Ultimately, two strategic tweaks shifted the odds significantly towards the Germans' favor. Had the German forces started their campaign earlier in the year and had they consistently targeted RAF airfields, an Allied victory would have been extremely unlikely.</p><p>Say the odds of a British victory in the real-world Battle of Britain stood at 50-50 (there's no real way of knowing what the actual odds are, so we'll just have to select an arbitrary figure). If this were the case, changing the start date of the campaign and focusing only on airfields would have reduced British chances at victory to just 10 percent. Even if a British victory stood at 98 percent, these changes would have cut them down to just 34 percent.</p>
A tool for understanding history<p>This technique, said co-author Niall Mackay, "demonstrates just how finely-balanced the outcomes of some of the biggest moments of history were. Even when we use the actual days' events of the battle, make a small change of timing or emphasis to the arrangement of those days and things might have turned out very differently."</p><p>The researchers also claimed that their technique could be applied to other uncertain historical events. "Weighted bootstrapping can provide a natural and intuitive tool for historians to investigate unrealized possibilities, informing historical controversies and debates," said Mackay.</p><p>Using this technique, researchers can evaluate other what-ifs and gain insight into how differently influential events could have turned out if only the slightest things had changed. For now, at least, we can all be thankful that Hitler underestimated Britain's grit.</p>
The next era in American history can look entirely different. It's up to us to choose.
- The timeline of America post-WWII can be divided into two eras, according to author and law professor Ganesh Sitaraman: the liberal era which ran through the 1970s, and the current neoliberal era which began in the early 1980s. The latter promised a "more free society," but what we got instead was more inequality, less opportunity, and greater market consolidation.
- "We've lived through a neoliberal era for the last 40 years, and that era is coming to an end," Sitaraman says, adding that the ideas and policies that defined the period are being challenged on various levels.
- What comes next depends on if we take a proactive and democratic approach to shaping the economy, or if we simply react to and "deal with" market outcomes.
A new MIT report proposes how humans should prepare for the age of automation and artificial intelligence.
- A new report by MIT experts proposes what humans should do to prepare for the age of automation.
- The rise of intelligent machines is coming but it's important to resolve human issues first.
- Improving economic inequality, skills training, and investment in innovation are necessary steps.