Featured Article – Maintaining Security on Employee Exit

When employees leave (or are asked to leave) or retire from businesses and organisations, those entities still have a legal responsibility to ensure that security levels are maintained with regards to data security.

Laws For Data

The General Data Protection Regulation (GDPR) and the Data Protection Act 1998 are the main legislative frameworks covering how a businesses or organisation in the UK should manage the protection and handling of data. Within these, the data controller (i.e. you and your company/organisation) hold the responsibility for data matters.

Protecting that data is vitally important both to protect those who the company holds data about, and to protect the company itself from legal penalties, damage to reputation and more.  As well as personal data, your business needs to ensure that other sensitive data such as financial records, intellectual property and details about company security controls are all protected.

Threats

In addition to legal responsibilities for data protection, businesses must also address other potential threats as part of due diligence and hopefully, of a built-in company procedure when an employee leaves for whatever reason. For example:

– Damage and Disruption – In addition to the risk of data theft, attacks on a company’s systems and network, which may have been facilitated by not having security measures or procedures in place for employees leaving/retiring, can cause costly and disruptive damage and disruption.

– Insider Threat – One of the dangers of not managing the departure of an employee properly is that your business could then have an ‘insider threat’ i.e. a former employee, contractor or partner with access rights and logins that still work. 

Security and Employee Exit

Clearly, there are many areas to be covered to manage employee exit from a security perspective.  Here are some pointers for managing the security aspects of an employee’s departure:

– Email is a window into company communications and operations and a place where sensitive data is exchanged and stored. It is also a common ‘way in’ for cyber-criminals.  With this in mind, managing the email aspects of security when an employee leaves/retires is vitally important.  Measures that can be taken include revoking access to company email, setting up auto-forwarding and out-of-office replies, while making sure that you mention who the new contact is. Also, it’s important to revoke access to/remove login credentials for other email programs used by the company to communicate with customers and other lists of stakeholders e.g. mass mailing programs with stored lists, such as Mailchimp.

– Company Systems and Networks. Employees have login details and rights/permissions for company computer systems and networks.  These should be revoked for the employee when they leave.

– CRMs provide access to all manner of data about the company, its customers, its other stakeholders, sales, communications and more. Login access should be revoked when an employee leaves.

– Collaborative Working Apps/Platforms and shared, cloud-based, remote working platforms e.g. Teams or Slack also contain direct access to company data. Make sure that a departing employee can no longer have access to these groups.

– If the departing employee has a personal voicemail message on the company phone, this will need to be changed.

– A leaving employee will need to return all company devices, and this implies that a company should have procedures in place to keep a record of which company devices have been allocated to each employee.

– Retrieval of any backup/storage media e.g. USBs may also help to prevent some security threats.

– Although it is best to store all online documents in a shared company folder that you have control over e.g. in OneDrive, it is possible that an employee has stored items in separate folders on their computer. Making sure that these are transferred to you or deleted when the employee leaves can help to maintain levels of security.

– Having a policy in place for the regular changing of passwords can work well anyway as a fail-safe but also, changing any passwords shared with multiple members of staff is an important measure to take when an employee leaves.

– If the departing employee was authorised to use company credit/debit cards, changing the PINs for those cards is another step that needs to be taken to maintain security with the company/organisation’s finances.

– Letting the company team/person responsible for IT security know that a person has left, particularly if the person left ‘under a cloud’, is another way that you can help to close security loopholes.

– Making sure that all company-related keys, pass cards, ID cards, parking passes, and any other similar items are retrieved is something that should be done before the ex-employee leaves the premises for the last time.

– If the employee has been issued with physical documents (e.g. a handbook) that contains information and data that could threaten company security, these need to be retrieved when the employee leaves.

– If the departing employee’s email address and extension feature on the website and/or is that employee is featured as being in the role that they are departing from, this needs to be removed from the website.  Also, check that company social media doesn’t indicate that the departed employee is still in their role e.g. on LinkedIn and Facebook.  You may also wish to make sure that the ex-employee doesn’t feature in the business online estate e.g. at the top of the website home page or other prominent pages.

Responsibility of the Employee

It should not be forgotten that employees who leave or retire from their jobs also have a legal responsibility as regards not taking company data with them.  A case in point, from 2019, led to the Information Commissioner’s Office (ICO) to warn those retiring or taking a new job that under the Data Protection Act 2018, employees can face regulatory action if they are found to have retained information collected as part of their previous employment.  The case which led to the warning from the ICO related to two (former) police officers who were investigated under previous Data Protection Act 1998 legislation after it was alleged that they had retained personal data in the form of notebooks that they had used while serving. 

The warning in the ICO’s statement was that the Data Protection Act 1998 has since been strengthened through the Data Protection Act 2018, to include a new element of “knowingly or recklessly retaining personal data” without the consent of the data controller (see section 170 of the DPA 2018).

The only exceptions to this new part of the new Act are when it is necessary for the purposes of preventing or detecting crime, is required or authorised by an enactment, by a rule of law or by the order of a court or tribunal, or whether it is justified as being in the public interest.

ICO Warning – Retiring or Taking a New Job

The ICO has also warned that anyone who deals with the personal details of others in the course of their work, private or public sector, should take note of this update to the law, especially when employees are retiring or taking on a new job because those leaving or retiring can now be held responsible if the breach of personal data from their previous employer can be traced to their individual actions.

Prosecution Example

Examples of where the ICO has prosecuted for this type of breach of the law include a charity worker who, without the knowledge of the data controller (Rochdale Connections Trust), sent emails from his work email account (in February 2017) containing sensitive personal information of 183 people.  Also, a former Council schools admission department apprentice was found guilty of screen-shotting a spreadsheet that contained information about children and eligibility for free school meals and then sending it to a parent via Snapchat.

Moving Forwards

Maintaining the company/organisation’s security (physical, data and financial), are vital to its survival.  Making sure that procedures are in place to cover security in the event of ‘employee exit’ could save the company from preventable threats in the future.

Research Indicates Zoom Is Being Targeted By Cybercriminals

With many people working from home due to coronavirus, research by Check Point indicates that cyber-criminals may be targeting the video conferencing app ‘Zoom’.

Domains

Cybersecurity company ‘Check Point’ reports witnessing a major increase in new domain registrations in the last few weeks where the domain name includes the word ‘Zoom’.  According to a recent report on Check Point’s blog, more than 1700 new domains have been registered since the beginning of the year with 25 per cent of them being registered over the past week. Check Point’s research indicates that 4 per cent of these recently registered domains have “suspicious characteristics”, such as the word ‘Zoom’.

Concern In The U.S.

The huge rise in Zoom’s user numbers, particularly in the U.S. has also led New York’s Attorney General, Letitia James, to ask Zoom whether it has reviewed its security measures recently, and to suggest to Zoom that it may have been relatively slow at addressing issues in the past.

Not Just Zoom

Check Point has warned that Zoom is not the only app that’s being targeted at the moment as new phishing websites have been launched to pass themselves off as every leading communications application.  For example, the official classroom.google.com website has been impersonated by googloclassroom.com and googieclassroom.com.

Malicious Files Too

Check Point also reports detecting malicious files with names related to the popular apps and platforms being used by remote workers during the coronavirus lockdown.  For example, malicious file names observed include zoom-us-zoom_##########.exe” and “microsoft-teams_V#mu#D_##########.exe” (# is used here to represent digits). Once these files are run, InstallCore PUA is loaded onto the victim’s computer.  InstallCore PUA is a program that can be used by cyber-criminals to install other malicious programs on a victim’s computer.

Suggestions

Some ways that users can protect their computers/devices, networks and businesses from these types of threats, as suggested by Check Point, include being extra cautious with emails and files from unfamiliar senders, not opening attachments or clicking on links in emails (phishing scams), and by paying close attention to the spelling of domains, email addresses and spelling errors in emails/on websites.  Check Point also suggests Googling the company you’re looking for to find their official website rather than just clicking on a link in an email, which could redirect to a fake (phishing) site.

What Does This Mean For Your Business?

This research highlights how cyber-criminals are always quick to capitalise on situations where people have been adversely affected by unusual events and where they know people are in unfamiliar territory.  In this case, people are also divided geographically and are trying to cope with many situations at the same time, may be a little distracted, and may be less vigilant than normal.

The message to businesses is that the evidence from security companies that are tracking the behaviour of cyber-criminals is that extra vigilance is now needed and that all employees need to be very careful, particularly in how they deal with emails from unknown sources, or from apparently known sources offering convincing reasons and incentives to click on links or download files. 

Google Warns Against Disabling Websites During Lockdown

Google has warned businesses that are tempted to disable or temporarily close their online business website during the coronavirus outbreak not to do so, as this could have a lasting, detrimental effect on its (SEO) search engine rankings.

Why Disable or Close Down The Website?

The coronavirus outbreak has meant reduced orders for many businesses but has also left many businesses unable to fulfil orders, or in a position where many products are out of stock.  Where the website for these businesses is the online shop, this has led to some business owners deciding to disable or close the website temporarily.

Bad Idea

Although this may sound like a reasonable idea from a practical business perspective, Google has warned that doing so could adversely affect the website’s search engine position in a significant way, even after it has been restored.  Google has advised that an “extreme” measure like removing a site completely from its Google’s index is “a significant change that can take quite some time to recover from”. 

Google has also said that there is no fixed time for a recovery from a complete website removal and that it has no mechanism to speed a recovery of a website in its search engine rankings after that site has been taken down and then put back up.

Lose Access To Information

Taking your website down temporarily will also mean that Google’s Search Console verification will fail, you will no longer have access to information about your business in Search, and you will lose potentially valuable data from the Aggregate reports in Search Console (as pages are dropped from Google’s index).

Other Reasons

In addition to damaging the position of a website in Google’s search engine rankings, Google suggests that other reasons why temporarily taking down a website would be a bad idea for a business include:

– Confusing customers.  Customers won’t know what’s happening and may even assume that that business has closed. Also, if Customers/potential customers can’t find first-hand details about you and your products/services and are forced to look for third-party information about your business, this may not be as correct or comprehensive.

– Making it more difficult to gain ground in future.  Restoring a website after a break means having to wait for re-indexing.

Better To Limit Your Website’s Functionality

Google advises that it is better, and less risky (in terms of losing rankings) to simply limit the functionality of your website rather than totally disabling the website without following Google’s best practice advice.  Limiting functionality while retaining search visibility can include disabling the cart functionality, displaying a banner or pop-up to explain the situation to customers, updating structured data and local business structured data, checking the Merchant Centre feed, and telling Google about the updates.  This could mean using the Search Console to ask Google to re-crawl a limited number of pages or using sitemaps to ask Google to re-crawl a larger number of pages e.g. product pages.

Other Advice

Google has issued advice about the proper procedure for situations where businesses feel that they need to disable their website for e.g. a couple of days. See: https://developers.google.com/search/docs/guides/pause-online-business#best-practices-disabling-site 

What Does This Mean For Your Business?

Clearly, disabling functionality while retaining the kind of search engine visibility that it has taken a lot of time (and money) to build up, and is vital to the life of the business is preferable, in most cases, to completely disabling a website without following best practice advice. 

If you feel that you must take a site down for a short period, it is certainly worth following Google’s best practice advice when doing so (see the ‘Other Advice’ paragraph above for the link). 

Data Caps Removed During Pandemic

The UK government has announced that the UK’s big ISP’s are removing caps on data for fixed-line broadband during the coronavirus pandemic.

Fixed-Line Broadband

The joint announcement by the companies, government and Ofcom will affect fixed-line broadband packages, many of which (apart from discounted packages for people on benefits) already offer unlimited data.

Which Companies?

The welcome move, which has been agreed between the government and ISPs/telecoms companies and is effective immediately, is in addition to any deals that the ISPs have already announced and applies to Virgin Media, Sky, O2, BT (Openreach and EE), TalkTalk, Three and Vodafone. Also removing data caps are Gigaclear, Hyperopic and Kcom (but not for Kcom’s gaming, streaming and downloading media).

More Help

The agreement between the government and the ISPs also includes other helpful measures such as help for those customers struggling to pay bills as a result of the pandemic, moving vulnerable customers to the front of the queue for repairs, and improving mobile and landline package deals.

The government hopes that the deal agreed with the communications companies will help to support and protecting vulnerable customers and older people as well as helping the UK communications network cope with the extra demand, and help people stay connected while staying at home. This, in turn, will help businesses whose employees are working at home, and families who are also likely to need extra capacity.

Welcome, But More Detail Required

Although the deal has been generally welcomed, some have criticised the announcement has lacking detail.

Vodafone Helping The Vulnerable

Last week, Vodafone announced that it is offering 30-days free access to unlimited mobile data for half a million of its Pay Monthly customers as well as upgraded the contracts for those who are categorised as vulnerable. Vodafone is informing eligible customers by text.

Tips From Ofcom

Ofcom’s website offers some general tips on how to ‘stay Connected during the coronavirus’ on its website here: https://www.ofcom.org.uk/phones-telecoms-and-internet/advice-for-consumers/stay-connected.

What Does This Mean For Your Business?

Even though many fixed-line broadband packages already offer unlimited data, this is still likely to be a welcome and helpful development both for those working from home and the businesses they work for. Also, the deal is likely to be helpful for families and individuals simply using more data for entertainment while sitting-out coronavirus restrictions. It is also good that vulnerable people have also been considered in the government/Ofcom/ISP deal, and the fact that it is effective immediately.

The criticism, so far, is that despite the announcement, which was widely reported, there hasn’t been much more detail. This may be understandable, however, given that there is a global crisis and that everyone in the UK is currently living under restrictions which are undoubtedly affecting the normal flow of communications in many businesses and organisations.

Tech Tip – Taking Care of Your Laptop

Here are some tips for keeping your laptop battery in good condition and the screen nice and clean:

The Battery

– Avoid using the laptop in very hot places and avoid causing the laptop to overheat, as this can drain more power from the battery.

– Avoid draining the battery completely before charging it again.

– Check the power settings and learn which battery settings to enable.

– Make sure your laptop’s hibernation feature happens before the battery is drained and during downtime.

– Check which (unnecessary) apps are running in the background and stop them from doing so.  With Windows 10, this can be helped by enabling the ‘Battery Saver’.

– With MacBooks, consider enabling Power Nap and automatic graphics switching.

The Screen

To keep the screen of your laptop clean without damaging it:

– Use a microfibre cloth (not a paper towel or tissue), and preferably one that’s suitable for lens or glasses cleaning. You could also use a soft duster.

– Shut the laptop down first (so you can see the dust), press gently when cleaning and wipe in one direction.

Featured Article – Microsoft Teams User Numbers Up By 12 Million In A Week

Microsoft’s collaborative working platform ‘Teams’ is reported to have seen a massive 12 million user boost in one week as a result of remote-working through the coronavirus outbreak, and through Microsoft making the platform generally available through Office 365 from March 14.

What Is Teams?

Teams, announced in November 2016 and launched by Microsoft in 2017, is a platform designed to help collaborative working and combines features such as workplace chat, meetings, notes, and attachments. Described by Microsoft as a “complete chat and online meetings solution”, it normally integrates with the company’s Office 365 subscription office productivity suite. In July 2018, Microsoft introduced a free, basic features version of Teams which did not require an Office 365 account, in order to increase user numbers and tempt users away from competitor ‘Slack’.

Microsoft Teams is also the replacement for Skype for Business Online, the support for which will end on 31 July 2021, and all-new Microsoft 365 customers have been getting Microsoft Teams by default from 1 September 2019.

March 14

Microsoft Corp. announced on March 14 that Microsoft Teams would be generally available in Office 365 for business customers in 181 markets and 19 languages.

Increased To 44 Million Users

The move to make Teams generally available to businesses with Office 365, coupled with a mass move to remote working as a result of COVID-19 has resulted in 12 million new users joining the platform in a week, bringing users up from 32 million on 11 March to 44 million users a week later.  The number is likely to have increased significantly again since 18 March.

What Does Teams Offer?

Microsoft Teams offers threaded chat capabilities which Microsoft describes as “a modern conversations experience”, and built-in Office 365 apps like Word, Excel, PowerPoint, OneNote, SharePoint and Power BI.  Also, Teams offers users ad-hoc (and scheduled) voice and video meetings and has security and compliance capabilities built-in as it supports global standards, including SOC 1, SOC 2, EU Model Clauses, ISO27001 and HIPAA. Users are also able to benefit from the fact that workspaces can be customised for each team using tabs, connectors and bots from third-party partners and Microsoft tools e.g. Microsoft Planner and Visual Studio Team Services. Microsoft says that more than 150 integrations are available or coming soon to Teams.

New Features

Microsoft reports that it has added more than 100 new features to Teams since November 2019.  These include an enhanced meeting experience (with scheduling), mobile audio calling, video calling on Android (coming soon to iOS), and email integration.  Teams has also benefited from improvements to accessibility with support for screen readers, high contrast and keyboard-only navigation.

Walkie-Talkie Phone

In January, Microsoft announced that it was adding a “push-to-talk experience” to Teams that turns employee or company-owned smartphones and tablets into walkie-talkies.  The Walkie Talkie feature, which can be accessed in private preview in the first half of this year and will be available in the Teams mobile app, offers clear, instant and secure voice communication over the cloud. 

Competition

There are, of course, other services in competition with Microsoft Teams. Slack, for example, is a cloud-based set of proprietary team collaboration tools and services.  Slack enables users (communities, groups, or teams) to join through a URL or invitation sent by a team admin or owner.  Although Slack was intended to be an organisational communication tool, it has morphed into a community platform i.e. it is a business technology that has crossed over into personal use. 

That said, Slack reported in October last year that it had 12 million daily active users, which was a 2 million increase since January 2019. 

Slack has stickiness and strong user engagement which help to attract businesses that want to get into using workstream collaboration software but, it faces challenges such as convincing big businesses that it is not just a chat app and that it is a worthy, paid-for alternative to its more well-known competitors like Microsoft’s Teams.

Like Teams, Slack has just introduced new features and has experienced a surge of growth in just over a month. 

Another competitor to Microsoft’s Teams is Zoom, which is a platform for video and audio conferencing, chat, and webinars that is often used alongside Google’s G Suite and Slack.  It has been reported that Zoom is now top of the free downloaded apps in Apple’s app store, and Learnbonds.com reports that downloads for Zoom increased by 1,270 per cent between February 22 and March 22.

Real-Life Example – Teams

A real-life example from Microsoft of how Teams is being put to good use is by bicycle and cycling gear company Trek Bicycle.  Microsoft reports how Teams has become the project hub for the company where all staff know where to find the latest documents, notes, tasks relating to team conversations thereby making Teams a central part of the company’s “get-things-done-fast culture.”

Looking Forward

Many businesses are already using and gaining advantages from the speed and scope of communication, project context, and convenience of a cloud-based, accessible hub offered by collaborative working platforms like Teams.  The decision to make Teams generally available with Office 365 for business can only make the platform more popular and the need for companies to quickly set-up effective remote working has stimulated the market for these services and given users a crash-course in and a strong reminder of their strengths and benefits. 

The hope by Microsoft and other collaborative working platform providers is that companies will go on using the platforms long after they technically need to in order to deal with COVID19 lockdown and that they will decide to use them going forward to keep improving the flexibility and productivity of their businesses, compete with other companies that are getting the best from them, and guard against excessive damage to the business from any future lockdown situations.

Viruses Killed By Robots

Robots armed with UV-C ultraviolet light beams that can effectively disinfect surfaces in a hospital room in 10-20 minutes are helping in the fight against COVID-19.

UVD Robots, Denmark

The robots, which are reported to have been shipped in considerable numbers to Wuhan in China, Asia, and parts of Europe are manufactured in Denmark’s third-largest city, Odense, by the UVD Robots company.  The manufacturers say that if used as part of a regular cleaning cycle, they could prevent and reduce the spread of infectious diseases, viruses, bacteria, as well as other types of harmful organic microorganisms.

Breaks Down DNA

These smart robots, which look a little like a printer on wheels with several light-sabres arranged vertically in a circle on top, can autonomously clean traces of viruses from a room by ‘burning’ them from surfaces using UV-Wavelength: 254NM (UV-C light) in a way that breaks down the DNA-structure of the virus.

Research and Testing

The UVD robots are the product of 6 years research, design, development, and testing by leading, reputable organisation Blue Ocean Robotics, and the Danish Healthcare Authority (supported by leading microbiologists and hygiene specialists from Odense University Hospital).

How?

The Ultraviolet germicidal irradiation (UVGI) method of disinfection, which has been in accepted use since the mid-20th century, involves using short-wavelength ultraviolet (UV-C) to disrupt the DNA of microorganisms so that they can no longer carry out cellular functions.

Features

The features of UVD’s cleaning robots include 360-degree disinfection coverage, a 3-hour battery charge, and software and sensor-based safety features.  The operating time per charge for the UV module is 2-2.5 hours (equal to 9-10 rooms).  It is claimed that these units can kill up to 99.99 per cent of bacteria.

HAIs

The primary purpose of the robots is to help and improve quality of care for hospitals and healthcare facilities around the world by providing an effective, low human risk, 24-hour available way to eradicate the kind of Hospital Acquired Infections (HAIs) which affect millions of patients (and kill several thousand) each year.

The COVID-19 outbreak which has led to many healthcare environments being overwhelmed with large numbers of patients has, therefore, made the need for this kind of cleaning/disinfecting system seem very attractive.

What Does This Mean For Your Business?

Now, more than ever in living memory, having a device that can simply, automatically, quickly and effectively get on with the cleaning of hospital rooms on-demand, without worrying about infection (as may be the case for human cleaners), and without putting more human resource demands on hospitals must be invaluable, and would account for the increase in orders internationally. Devices like these show how a combination of technologies can be combined to create real value and tackle a problem in an effective way that could benefit all of us.

Facebook Video Quality Reduced To Cope With Demand

Facebook and Instagram have reduced the quality of videos shared on their platforms in Europe as demand for streaming has increased due to self-isolation.

Lower Bitrate, Looks Similar

The announcement by Facebook that a lowering of the bit-rates for videos on Facebook and Instagram in Europe highlights the need to reduce network congestion, free-up more bandwidth, and make sure that users stay connected at a time where demand is reaching very high levels because of the COVID-19 pandemic.  The move could have a significant positive impact when you consider that Facebook has around 300 million daily users in Europe alone, and streaming video can account for as much as 60% of traffic on fixed and mobile networks.

Although a reduction in bit-rates for videos will, technically, reduce the quality, the likelihood is that the change will be virtually imperceptible to most users.

Many Other Platforms

Facebook is certainly not the only platform taking this step as Amazon, Apple TV+, Disney+ and Netflix have also made similar announcements.  For example, Netflix is reducing its back video bit rates while still claiming to allow customers to get HD and Ultra HD content (with lower image quality),  and Amazon Prime Video has started to reduce its streaming bitrates as has Apple’s streaming service.

Google’s YouTube is also switching all traffic in the EU to standard definition by default.

BT Say UK Networks Have The Capacity

BT’s Chief Technology and Information Officer, Howard Watson, has announced that the UK’s advanced digital economy means that it has overbuilt its networks to compensate for HD streaming content and that the UK’s fixed broadband network core has been built with the extra ‘headroom’ to support evening peaks of network traffic that high-bandwidth applications create. Mr Watson has also pointed out that since people started to work from home more this month, there has been a weekday daytime traffic increase of 35-60 per cent compared with similar days on the fixed network, peaking at 7.5Tb/s, which is still only half the average evening peak, and far short of the 17.5 Tb/s that the network is known to be able to handle.

What Does This Mean For Your Business?

For Amazon, Apple TV, Netflix, Facebook and others platforms, they are clearly facing a challenge to their service delivery in Europe but have been quick to take a step that will at least mean that there’s enough bandwidth for their services to be delivered with the trade-off being a fall in the level of viewing quality for customers.  Many customers, however, are likely not to be too critical about the move, given the many other big changes that have been made to their lives as a result of the COVID-19 outbreak and the attempts to reduce its impact.  Netflix has even pointed out the extra benefit that its European viewers are likely to use 25 per cent less data when watching films as a result of the bit rate changes. However, with online streaming services being one of the main pleasures that many people feel they have left to enjoy safely, the change in bit rate should be OK as long as the picture quality isn’t drastically reduced to the point of annoyance and distraction.

Cybercriminals Hijacking Netflix and Other Streaming Accounts

It has been reported that the surge in the use of streaming music and video services has been accompanied by a surge in the number of user accounts being taken over by cybercriminals.

Entertainment During Isolation

Self-isolation and the instruction to stay at home during the next few weeks in the COVID-19 crisis has meant that many people have turned to streaming services like Amazon Prime Video, Netflix, Spotify and Apple Music. In fact, the demand has been so high that many streaming and social media platforms have reduced the bit rate of videos in order to make sure that services can still be delivered without taking up too much bandwidth.

Stealing and Selling Your Credentials

Security company Proofpoint has now warned that cybercriminals are taking advantage of this increase in demand for streaming services by stealing the valid credentials of users and selling them online.  This means that someone else may be piggybacking off a user’s streaming account without them even knowing it.  When the account credentials are sold online (for a much lower price than normal accounts), the seller gives instructions to the buyer not to try and change the login details of the account.

How?

For cybercriminals to hijack streaming accounts, they first need to steal the legitimate credentials of existing users. Proofpoint has reported that this is achieved by using methods such as:

Keyloggers and information stealers – software that has been unwittingly downloaded, that is able to record keystrokes to discover logins and other valuable personal data.

Phishing attacks – convincing emails from bogus sources that have made users click on a link/ to re-direct, which has led to login credentials and financial information being stolen and/or malicious software being loaded onto their computer/device.

Credential stuffing – where logins are stolen in cyber-attacks on other sites/platforms and sold on to other cybercriminals are tried in other websites in the hope that a user has been password sharing (using the same login for multiple websites).

How Do You Know?

The ways to tell whether your streaming account is being piggybacked include checking the settings to view which devices are connected to the account, checking previous activity on the account and activating the options that notify you each time a new device connects to your account.

Protection

Since the ability to hijack a streaming account relies on the ability to steal login details, following basic data security and hygiene can dramatically reduce the risk to users. For example, using strong and unique passwords, not sharing passwords between different websites/platforms, using a good password manager, keeping anti-virus software and patches up to date, keeping systems and browsers up to date, and not clicking on links or attachments in emails may help protect against this and others similar crimes.

What Does This Mean For Your Business?

Cybercriminals are quick to take advantage of a crisis or a trend and are always keen to find easy, low-risk ways to get money and personal details.  In this case, adhering to relatively basic security best practice can prevent you from falling victim to this and many other cyber-crimes. 

Sadly, this is not a new situation.  For example, a CordCutting.com report from last year suggested that around 20 per cent of people who watch a paid-for video streaming service are using someone else’s account.

Now that streaming services are experiencing a surge in users and are very much in the spotlight, it may be a good time for those services to tackle some of the long-running security concerns and to reassure users that they are taking some responsibility to make it much more difficult of others to piggyback accounts.

Featured Article – Maintaining Security During The COVID-19 Health Crisis

The current global health crisis may bring many different IT security challenges to businesses and organisations and this article highlights some of the ways that you can prepare to keep IT security covered as best you can at this difficult time.

Larger and Smaller Businesses – Some Different Challenges

Larger organisations may be at an advantage as they may already have policies, procedures, equipment and security arrangements in place for remote working, although they may find themselves more stretched as many more staff work from home than usual.

Smaller businesses and organisations, however, may be less well used to and equipped for suddenly having to send staff home to work. This means that they may have a lot more work to do now in order to prepare, and their IT personnel will find themselves needing to prioritise and be prepared to provide more on-demand support over the coming weeks.

Guide

Even though larger and smaller companies may have different challenges on a different scale, here is brief guide incorporating a list of suggestions that could help many businesses and organisations to stay secure while employees, contractors and other stakeholders are working remotely:

– Alert all staff to the possibility of email-borne threats and other social engineering attacks.  For example, over the last few weeks, cybercriminals have been sending COVID-19 related phishing emails e.g. bogus workplace policy emails, emails purporting to be from a doctor offering details of a vaccine/cure, emails with a promise of a tax refund and more.  The message to employees should be to not open unfamiliar emails and certainly don’t click on any attachments or links to external pages from any suspect emails.

– Make sure that any software and software-based protection used by employees working from home is secure and up to date.  For example, this could include making sure their devices have up to date operating systems and browsers, firewall software and anti-virus software is installed and up to date, and make sure that employees install any new updates as soon as possible.

– Ensure that any devices used by employees are managed, secure (have downloaded trusted security apps), have appropriate protection e.g. data loss protection, updated anti-malware, and a capacity to be centrally monitored if possible. Ensure that all devices, including employee mobiles (which can carry confidential information), are password-protected, and can encrypt data to prevent theft.

– Monitor the supply chain arrangements where possible.  If a supplier is geographically remote, for example, and if the Covid-19 crisis has left a supplier short of qualified IT and/or security staff, or if contract staff/cover staff, or unfamiliar staff members have been brought in to replace staff members e.g. particularly in accounts, this could present a security risk.  Taking the time to conduct at least basic checks on who you dealing with could prevent social engineering, phishing and other security threats, and exercising caution and offering your own known secure channel suggestions where suppliers may be short of  IT-security staff could help to maintain your company’s security posture.

– Although employees are likely to stay at home in the current situation, you will still need to make sure that they are made aware of your policy about accessing information on public or unsecured networks e.g. using a VPN on mobile devices to encrypt data.

– Make sure you have a 24-hour reporting procedure for any stolen or lost equipment/devices.

– Pay attention to user identity management. For example, have a user account for each employee, and give appropriate access to each employee.  This should help to prevent unauthorised access by other persons.  Also, control which programs and data each employee has access to, and which level of user rights they have on certain platforms.

– Make employees aware that they must use only strong, unique passwords to sign-in to your network, and that these details should be changed regularly e.g. every 3 months.  Also, make sure that multi-factor authentication is used by employees.

– Stay on top of managing the workforce and general daily operations.  For example, make sure that key IT staff are available at all times, communication channels and procedures are clear and functioning, handover procedures are covered, any sickness (which looks likely) can have cover planned, and that productivity targets can be met despite remote working.

– Remind employees that they still need to comply with GDPR while working remotely and ensure that help and advice are available for this where needed.

– Use this experience to keep the company’s disaster recovery and business continuity plans up to date.

– Schedule regular, virtual/online meetings with staff and ensure that all employees have the contact details of other relevant employees.

– If you’re not already using a collaborative working platform e.g. Teams or Slack, consider the possibility of introducing this kind of working to help deal with future, similar threats.

Looking Forward

At this point, the country, businesses, and many individuals are thinking more about survival strategies, but taking time to ensure that IT security is maintained is important in making companies less vulnerable at a time when operations don’t follow normal patterns and when many cybercriminals are looking to capitalise on any weaknesses caused by the COVID-19 health emergency.