New Articles

Top 4 Teleworking Vulnerabilities (and How to Mitigate Them)

vulnerabilities

Top 4 Teleworking Vulnerabilities (and How to Mitigate Them)

Between social distancing guidelines and stay-at-home orders, it’s clear that we’ll all be spending a lot of time at home.

While many of us might normally work from home a day or two out of each week, few firms are used to having all their staff work from home for weeks at a time. 

This means that many companies have not implemented security measures that are most appropriate for a fully remote team.

To help you make the adjustment, here are some big-ticket vulnerabilities along with recommendations on how to best mitigate them.

1 – Using personal devices

The laptops and desktops your firm owns are secure. They have up-to-date patching and anti-malware. They have simple but important polices like an automatic screen lock. They’re backed up and might even have hard drive encryption and remote wipe capabilities.

Do the personal devices accessing your data even have anti-virus beyond Windows Defender? Are any running Windows 7, which has been out of support for months?

If a vulnerable machine is accessing your firm data, that data becomes vulnerable.

Best practice is to only allow your people to work from firm-owned equipment. If you try purchasing new equipment today, though, you will probably run into significant delays with manufacturing. Your second-best option is to roll out workstation management software to these personal devices. Your IT team can help with this.

2 – Heightened scam activity

Scammers are having a field day with this pandemic. We’re anxious, we’re distracted, we’re working with new and unfamiliar technologies, and we’re accessing confidential data outside of our secure office network.

In a span of just seven hours, cybersecurity company ESET detected 2,500 infections from malicious emails that played on COVID-19 themes. Phishing emails that appear to come from legitimate sources like the World Health Organization offer links or attachments with information about the spread, face masks, a vaccine—anything that will tempt recipients into clicking and infecting their machines with spyware, ransomware, or otherwise.

And the massive success of these scams means that hackers will double-down.

Fortunately, we can avoid these scams by practicing the same awareness tactics you’ve heard before:

-Don’t click links or download attachments you weren’t expecting.

-Watch for poor grammar and generic greetings (sir/ma’am)

-Don’t offer up personal information unless you can verify the request (by calling the sender, logging directly into your Facebook account, etc.)

Regarding coronavirus specifically, be sure to stick to official websites (WHO, CDC) for the latest news on the outbreak.

3 – Not using multi-factor authentication

Multi-factor authentication keeps you protected even if you make a mistake—which, as I mentioned above, is a lot more likely in today’s landscape.

Say you fall for a phishing scam and enter your Office 365 credentials onto a fake web page. But, your Office 365 account is set to send a verification code to your cell phone. Even with your email address and password in-hand, the hacker still can’t access your account unless they’ve also managed to steal your cell phone.

In January 1.2 million Microsoft accounts were compromised. Microsoft has said “multi-factor authentication would have prevented the vast majority of those one-million compromised accounts.”

Work with your IT team to (forcibly) enable multi-factor authentication on as many applications as you can. This is often not labor-intensive, and it can do wonders to keep your accounts locked down.

4 – Sharing devices with others

If you live with roommates or family members, you may find them asking to borrow your machine for anything from their distance learning assignments to streaming movies.

Whether this machine is personal device or owned by the firm, letting others onto the same equipment being used to store and access client data puts that data at risk. It only takes one wrong click to put your threat detection and response software—assuming any is installed—to the test.

And in some cases, someone just seeing an open document on your machine is a compliance violation.

Your firm policy may already have guidelines against sharing devices, but keep in mind that this is new territory for all of us, and that some may need help finding an alternative.

_________________________________________________________________

Heinan Landa, CEO and Founder of Optimal Networks, a globally-ranked IT services firm, and author of The Modern Law Firm: How to Thrive in an Era of Rapid Technological Change.

services

WITH ZOOM, WE ARE ALL TRADING IN SERVICES

New Modes of Living and Working

As we struggle to maintain continuity in our work and school lives during the pandemic, technology has come to our aid.

Those of us who work on teams spread throughout the country or the world have already unlocked the secrets of online collaboration platforms like Slack and Quip. (We use Quip at TradeVistas for project management.) Others are quickly moving to them or discovering functionality they previously overlooked in Microsoft Teams or similar business software.

“Zoom” has become a verb for online video conferencing the way Skype had been for years for international communication. The class I teach at Georgetown is completely online. (We were already extensively using the learning management system called Canvas). The university reported last week they reached a high of 1,459,100 minutes of instruction on Zoom in just one day.

Biggest Week Ever in Business App Downloads

Video conferencing apps Google Hangouts, Houseparty, Microsoft Teams and ZOOM Cloud Meetings saw major jumps in use in the United States and Europe. According to App Annie, during the week of March 15-21 alone, business apps surpassed 62 million downloads worldwide across iOS and Google Play, apparently the biggest week ever.

With the exception of middle and high schoolers hanging out on Houseparty, many of us working online are exchanging professional, technical, business and other commercial services. If your client or customer is overseas, you are likely delivering what’s called a cross-border service. No better time to appreciate this major component of global trade.

The WTO Modes of Services

In the World Trade Organization (WTO), negotiators divided up services trade into four “modes of delivery” related to where the supplier and consumer are located at the time of the transaction. In Mode 1, known as cross-border trade, the parties are in separate countries and the service is most likely provided digitally via email or through an online platform. One example is consulting services – perhaps a report delivered over email.

In Mode 2, known as consumption abroad, the consumer travels to another territory to receive the service. Examples include hospitality services associated with tourism, medical treatment, or a “semester abroad” at a foreign university. Mode 3 involves putting out a shingle to provide services in another country, known as commercial presence. Finally, in Mode 4, the service provider travels to the customer such as a software engineer working on a project overseas on a temporary visa.

Ascendant Modes of Trade in Services

Every day we engage in or benefit from some form of globally traded services, though we rarely think of it. Among the biggest traditional components of global trade in services are transport and travel – including the trains and ships that move cargo, and the planes that move people across international borders for work and tourism. We’ve written before about how important the tourism is to the global economy – global travel exports were worth $1.7 trillion in 2018.

But other less obvious components of globally traded services have grown larger in recent years. According to the WTO’s 2019 World Trade Statistical Review, the “use of intellectual property” as a service exceeded $3.1 trillion in 2018. The most dynamic services sector continues to be telecommunications, computer and information services (or ICTs), which grew more than 15 percent in 2018.

The Multiplier Effect of Digital Technologies

Telecommunications, computer and information services offer multiplier effects – they create efficiencies and infrastructure that enable new products and new services. Financial technologies bring about cashless payment systems, online platforms like Spotify enable music streaming, technologies embedded in your thermostat promote smart energy use through an app on your phone, sensors on machines inform computers when repairs may be needed. Micro-entrepreneurs sell their products globally through Etsy, eBay or Amazon Web Services.

Enterprise software, cloud computing, data processing and analytics services can help make any business more productive and profitable. They are the backbone of production, distribution and marketing of many physically traded goods while facilitating trade with customers anywhere in the world digitally.

Eighty percent of all U.S. jobs are in services-providing industries. The definition of a “tradable service” is constantly changing and expanding. In 2018, U.S. exports of ICT services alone were valued at $71.4 billion while service exports enabled by ICTs added another $451.9 billion. The U.S. Bureau of Economic Analysis estimates that services potentially enabled by ICTs accounted for 55 percent of total U.S. services exports. Yet the United States is fourth in globally exported ICT services, narrowly behind China, India and far behind the European Union.

Growth in ICT enabled services

The Doctor Will “See” You Now

The scourge of the COVID-19 pandemic, with its prolonged and widespread “stay at home” restrictions, is forcing all of us to shift or accelerate our digital habits. We have no choice but to buy non-essentials online. Our kids are e-learning. Doctors are seeing patients online when not critical. Graduating students will have virtual commencements. And most of us are forced into video conferencing all…the…time.

And while many people will be binge watching or gaming (WarnerMedia, Disney Plus, Netflix and Hulu all reported 65 and 70 percent jumps in number of streaming hours), some of us are trying to continue working online, despite these bandwidth hogs. Some businesses have no choice but to cope by providing virtual services – tax advisors are using secure document portals and phone consultations while fitness instructors check your form by webcam. These are stopgap measures now that might augment their businesses when things go back to “normal”.

LinkedIn With One Another

Recently, I decided to join a LinkedIn Live presentation by one of my favorite business gurus. I was astounded at the scrolling list of locations from where viewers were joining: United Kingdom, South Africa, Romania, Tunisia, Qatar, Poland, Pakistan, Jamaica, India, Colombia, Sudan, Turkey, Lebanon, Yemen and Afghanistan. On and on it went – I stopped writing them down. Nearly the entire world is experiencing the effects of the pandemic in some way, but through modern telecommunications and information technologies, we stay connected.

Those of us who can provide our global services online are the lucky ones. Our appreciation goes out to those workers who are keeping factories running to make essentials, who drive trucks and who staff pharmacies and grocery stores to ease our ability to work and learn from home, out of harm’s way.

____________________________________________________________

Andrea Durkin is the Editor-in-Chief of TradeVistas and Founder of Sparkplug, LLC. Ms. Durkin previously served as a U.S. Government trade negotiator and has proudly taught international trade policy and negotiations for the last fifteen years as an Adjunct Professor at Georgetown University’s Master of Science in Foreign Service program.

This article originally appeared on TradeVistas.org. Republished with permission.