Post-Coronavirus Information Security: How Should You Reopen Your Firm?

Cameron G. Shilling
Director, Litigation Department & Chair of Cybersecurity and Privacy Group
Published: New Hampshire Bar News
July 15, 2020

While our attention has been focused on coronavirus, cyber criminals have concentrated on infecting us with different viruses. As we rapidly transitioned to remote work, hackers capitalized on weaknesses like (a) insecure Wi-Fi, (b) employee personal computers used to access firm networks, (c) video conferencing that does not prevent downloading of malware, (d) infected external drives used to store firm information, and (e) compromised/weak passwords used to access email and other primary business systems.

As firms reopen, the return of employees presents not only a risk of transmission of Covid-19, but also a spread to firm networks of cyber viruses. Indeed, many firms are unaware that hackers have already infected their systems via remote access applications used during the pandemic, and are waiting for a return to normal activity before paralyzing firms with ransomware or stealing funds.

To avoid becoming a victim, firms should take as much care when returning employees to their networks as they do returning employees to their offices. The following are a few steps to help ensure information security.

  1. Before returning employees to the network, conduct an ad hoc risk assessment with an experienced information security professional to identify risks to your firm.
  2. Scan all laptops with advanced security software before permitting them to be reconnected to the network. Normal anti-virus/anti-malware is often insufficient to detect the malware, ransomware, and “zero-day” viruses created during the pandemic.
  3. Scan the network with such advanced software before permitting employees to reconnect, to ensure that any malicious application is removed before it can spread.
  4. Require employees to change their passwords before or at the time they reconnect, and ensure that passwords are truly complex.
  5. Implement multi-factor authentication for all primary systems, both on premises and in the cloud.
  6. Ensure all operating systems and applications are updated and patched.
  7. Disable USB ports on firm computers, or ensure that external drives are scanned by the advanced security software whenever connected.
  8. If employees were permitted to access the network using personal computers, terminate such access, recover all firm information, and ensure that such information is permanently erased from those computers.

While we are all eager to return to more normal operations and financial stability, rushing to do so without proper preparation may result in a security incident that is as time-consuming, costly, and as damaging as the coronavirus shut-down. Following the steps above will both diminish the risks that firms face when reopening, as well as create businesses with stronger information security controls for the long term.