Ahh, the holiday’s are finally here! The most wonderful time of the year filled with laughter, cheer, and finally, some time away from the office. For many of us, this is the time of year to sit back, relax, and not think about work.
However, for security teams, this time of year can be a major headache. With employees working remotely, everyone taking time off, and online safety being the last thing on everyone’s minds as they rush to order last minute gifts, SOC teams are pressed to be more vigilant and secure greater perimeters with sometimes fewer resources.
For hackers, this is the opportune time. Knowing that most people are distracted and buying online more than ever, malicious actors can take advantage of the holidays to find and exploit vulnerabilities across an organization’s physical and cyber infrastructure.
Below are a few tips to best prepare for this whirlwind season while giving your security team a chance to enjoy the holidays as well.
1. Test, Test, and Test Again
Ensure all your alarms, security systems, and software are working up to snuff and updated with the latest versions, well before and during the holiday season. From physical alarm systems to your surveillance cameras, ensuring your VM scanner is ported with all your assets and validating the performance of your network security tools, an extra check doesn’t hurt during this time of the year.
2. Remind Employees of Security Policies
Now is a great time to host a refresher or launch a mandatory training on proper security policies and procedures, covering topics like proper mobile device use, phishing, safe remote work policies, and proper machine updating. As your employees likely take off for a few days of remote work in various locations, it’s crucial that you make sure security is fresh in their minds.
3. Add a Robust Alert Systems
While you’re testing and updating security systems, set up alerts for your SOC team going in the holiday season. Include a few extra folks on the alert chain since some may be off for the holidays. These alerts should be for possible threats and not just obvious attacks, so you can maintain full security during a vulnerable time period.
4. Minimize Attack Surface
Often, malicious actors scan the entire internet looking for the right opportunity. By strategically planning an audit before the holiday season, you can mitigate some of this risk by identifying potential shadow IT assets. Consider including an attack surface management (ASM) solution to take full inventory of all your assets and keep a small footprint.
5. Configure VPNs
With remote work on the rise, especially during the holiday season and winter months, take some time to harden your VPN settings and double check your configurations.
Need more guidance? TCecure is always available to secure your organization, any time of year. We have the expertise to help you effectively prepare, prevent, and respond to cyber attacks of all kinds. Be safe and enjoy your holiday season!