Transcript:
Michelle Smith: [00:00:00] Hi everyone. And welcome to cyBARR Chats. A video series featuring BARR specialists covering a range of topics. I’m Michelle Smith, director of marketing and strategic partnerships here at BARR. And today I’m speaking with Whitney Perez. Whitney is a manager here at BARR and she has eight years of experience in it auditing and consulting. So today we’re going to be talking about cybersecurity, best practices to apply. Now that we’re online, more than ever before. So Whitney, what is different about how we should all tackle cybersecurity now versus pre Coronavirus times?
Whitney Perez: [00:00:38] Now we should all be mindful of cybersecurity and security threats, whether or not we are in a pandemic, but as we all know, there has been a huge increase in remote work due to COVID, which led to many companies, as well as individuals wandering how to be secure online and outside of their typical office networks.
No. The first thing that comes to mind is that if you need to remotely access a corporate network, make sure you’re accessing it via a secure VPN with multifactor authentication abled. And we’ve all been hearing news about increased activity in vulnerability, exploitation. A simple way to lower your risk is to keep your computers and mobile devices patched and updated.
Most provide an option to just check, install, updates automatically. Um, enabling the option can be a good idea if you don’t want to check for updates periodically.
Michelle Smith: [00:01:28] Awesome. So what are your top three tips for staying secure online?
Whitney Perez: [00:01:34] For the everyday user, just be mindful of phishing attempts and who you’re giving sensitive information to, you know, try your best, not to use the same password for all of your accounts.
I know that’s very hard and something, you know, I used to do, you know, back in high school and college. Um, and another thing is to use at least eight character complex passwords. Stored any password manager like Lastpass in enable MFA when possible. So that lasts when it really helps you diversify your, your passwords.
So you can make sure to stay as secure as possible.
Michelle Smith: [00:02:06] Great tips. So let’s say for security practices, should everyone be partaking in daily, weekly, monthly.
Whitney Perez: [00:02:15] Sure. Um, in addition to the things that you mentioned, just very simple things, make sure you’re only accessing secure websites, especially those that you’re making online purchases from an easy way is to see that little lock icon next to the URL, and then confirm that the URL is in fact, the one you want it to be sharing information with, especially if you follow a link.
Um, review the email addresses from incoming messages before responding to requests, clicking any links in them to make sure that’s an email you want to be corresponding with. And the last one isn’t really necessarily related to cyber security, but just security practices in general, that come to mind since phone scams are on the rise during COVID.
If you get a phone call from a bank, thank the IRS, a lender, asking you for personal information. Verify that number is. A valid business number and don’t feel rude. Hang up the phone, call all that person back via their corporate, uh, verified number that you can find online. Well, many times banks and especially the IRS, won’t be contacting you via phone.
There’ll be using mail or a secured message channel via your customer portal. Always be mindful of who you’re giving the sensitive information to.
Michelle Smith: [00:03:31] Um, so what would you say is the biggest cybersecurity threat right now?
Whitney Perez: [00:03:35] As far as it relates to COVID, I would say cybercriminals who are seeking to exploit the crisis for financial gain, whether that is hospitals becoming a victim of ransomware or covert theme, schemes, individuals, and company, especially those storing PII need to maintain a level of skepticism and review their security programs to ensure that they are using secure encrypted channels to access, transmit, and store their data.
Michelle Smith: [00:04:01] What are some of the key benefits of working from the cloud right now,
Whitney Perez: [00:04:06] flexibility. The cloud is easily scalable to meet your operating capacity needs and all of your data is easily accessible from remote locations. Uh, another one that comes to mind is disaster recovery. Cloud-based services provide quick data recovery for all kinds of emergency scenarios.
From natural disasters to power outages, and allow for companies to quickly stand up production in a new region or zone. And the last one naturally security. What we’ve been talking about, uh, cloud services tend to make setting up and streamlining security across your environment, environments easier and much easier than managing your security of, you know, each server and each database locally.
In addition, encrypting data in transit, right? The data at rest can be as easy as enabling a setting.
Michelle Smith: [00:04:54] Awesome. Last question. What do you make of the zoom troll issues? How can organizations protect themselves from these uninvited attendees and their zoom meetings?
Whitney Perez: [00:05:04] Yeah, it can be really unnerving to know that someone could be joining your zoom call and sharing, you know, elicit content is a lot of what we’ve been hearing, but also listening in on sensitive conversations.
Um, some easy fixes for that issue could be just, don’t let your audience join the meeting before you. In zoom, this option is just joined before host enable the setting place down when participants join or leave. Yes, it creates a little bit of extra noise, but it can also alert you for the arrival of one of these trolls.
And lastly, disable the file transfer and disable screen share for users. This is not an end all be all solution, but turning the settings off makes it a little bit harder for the trolls.
Michelle Smith: [00:05:53] Perfect. Well, Whitney, thank you so much for your time and expertise today, and we will see everyone next time on cyBARR Chats.