(Advice from Mark W. Schleisner 鈥20K, Naim Glloxhani 鈥20K, Teddy Mutterperl 鈥20K, Ben Milshtein 鈥20K and David Deutscher 鈥20K, students in the 鈥檚 MS in Cybersecurity)
1) Educate yourself on what a COVID-19 scam looks like
Attackers will use phishing emails with malware attachments and links, malware-laden fake apps that pretend to educate you and phony charity or informational websites that try to trick you into donating money (see #9).
2) Use your employer-provided virtual private network (VPN) or purchase one from a trusted vendorA VPN can create an encrypted connection or 鈥渢unnel鈥 between you and your organizations鈥 networks and data. VPNs ensure that corporate tools and applications are used only by users with the right permissions.
3) Maintain secure and well-kept passwordsUse complex passwords of at least 8 characters (with numbers, letters, and special characters). Use multifactor authentication if available, especially with your bank and email accounts (see #6). Change important passwords every 30-60 days and use an online password manager/vault to store your passwords (such as Enpass, LastPass or 1Password).
4) Secure your Wi-Fi access point(s)Change the default password on your router as well as on any other home network devices. Do not connect to any unsecured or unknown Wi-Fi networks; only connect to Wi-Fi networks secured with a password. In configuring your home network, secure it with a unique password, and ensure that it is protected using WPA2, Wi-Fi Protected Access 2.
5) Turn on end-to-end encryption for Zoom video callsIf you communicate via Zoom meetings, enable the end-to-end encryption feature that Zoom provides by signing in to the Zoom web portal and selecting account management > IM management. Then select the IM settings tab at the top of the page. Navigate to the Enable end-to-end chat encryption option and verify that the setting is enabled. If the setting is disabled, click the toggle to enable it.
6) SMS text message-based MFAMultifactor authentication (MFA) verifies a user鈥檚 identity by requiring multiple credentials. After you enter the username and password, MFA requires additional credentials, such as a security code sent via text to a smartphone. Safe and reliable MFA software includes DUO, Microsoft Authenticator and Okta.
7) Update your Antivirus SoftwareInstall reliable antivirus software, such Norton AntiVirus, Kaspersky, Bitdefender, and Windows Defender, and keep it updated. These programs offer real-time monitoring for viruses, malware/spyware, and ransomware. Some will remove any virus or malware found on your local machine.
8) Your work computer should be used ONLY by you and ONLY for job-related activitiesIf other people use your devices for personal use, you lose any cybersecurity protection your work network is providing. The game apps children download may contain malware that targets your work data and spreads to your employer鈥檚 entire network the next time you connect to it.
9) Be aware of trendy phishing campaigns on the internetCybercriminals are exploiting the coronavirus outbreak by creating fake email campaigns to misdirect employees to click on links and/or attachments that seem to be from corporate management but may result in malware being downloaded onto your device.
10) Very Important! Always keep in contact with your employer while working remotely!Since the whole world is affected by the coronavirus, companies may or may not update their policies. Be vigilant in staying in touch by leveraging communication platforms for any policy changes such as remote access, travel and other matters.
