IT professionals urged to secure networks before summer holidays
As the summer holiday season approaches, IT professionals are being urged to consider steps to safeguard their company's network and information. Corey Nachreiner, Chief Security Officer at WatchGuard Technologies, has offered a series of recommendations to help ensure corporate and private identities remain secure while employees are travelling.
Nachreiner emphasises the importance of shutting down all computers and devices that are not needed during the vacation period. "Since we use them every day, many of us always leave our work and home computers – as well as many IoT devices – on. However, if you won't need to connect to them during your holiday remotely, turn them off!" he advises. The rationale is that devices left on are potentially accessible to attacks, depending on their protections. "If it's off, it can't get hacked. If you aren't using it for many days or weeks, why not just shut it off to avoid any chance of an attack?"
For those managing critical production servers, Nachreiner underscores the necessity of keeping these systems updated, even when on holiday. "Before leaving for an extended period, make sure those servers remain safe by applying all software updates to their OS and server software, to fix any vulnerabilities that may have been fixed since your last update," he states. This proactivity aims to mitigate the risk posed by any newly discovered vulnerabilities.
Phishing attempts remain a significant threat, regardless of the season. Nachreiner points out that cybercriminals persist in their activities during the summer and may target individuals with unusual email requests. "If you receive an unusual email about an urgent password change, a payment to a supplier that can't wait, or anything else strange and suspicious, beware! Even if it comes from a known contact, it could be phishing," he warns. Nachreiner suggests verifying the sender's address and refraining from replying to suspicious messages or opening any links or attachments they may contain.
Multi-factor authentication (MFA) is another crucial element in bolstering security. Deploying MFA can significantly obstruct attackers by adding an extra layer of security. "MFA makes it much more difficult to hack into your accounts even when threat actors steal your credentials, and, best of all, you get warned that an attempt is being made to gain unauthorised access to one of your services," explains Nachreiner. This preventative measure ensures enhanced security even in cases where passwords might have been compromised.
Additionally, having contingency plans in place proves vital in limiting the impacts of potential attacks. Preparation involves delineating responsibilities among team members according to their holiday schedules. "These plans should include a breakdown of who should be involved and their responsibilities, outlining scenarios according to team members' holidays," advises Nachreiner. This structured approach ensures that any incidents can be effectively managed, even in the absence of key personnel.
As the summer break draws near, IT professionals are encouraged to implement these practical measures. By following these steps, companies can safeguard their infrastructure and information, allowing employees to enjoy their holidays with greater peace of mind.