Many organizations have been forced to move to an all-remote workforce during the COVID-19 crisis. This shift presents a number of security concerns for you as an organization as well as provides additional opportunities for bad actors looking to steal your data. Threat intelligence researchers are reporting a significant increase in common cyber attacks looking to exploit the COVID-19 pandemic by targeting remote workers.

To help protect your organization during this turbulent and unprecedented time, the SIS Security Team has put together the following tips and recommendations to share with your team and help keep you secure.

Think Before you Click

Cybercriminals are taking advantage of people seeking information on COVID-19. They are
distributing malware campaigns that impersonate organizations like WHO, CDC, and other
reputable sources by asking you to click on links or download outbreak maps. Slow down.
Don't click. Go directly to a legitimate website to access the content. DO NOT provide your
credentials or open attachments from any email you are not expecting.

Lock Down your Login

Create long and unique passphrases for all accounts and use multi-factor authentication
(MFA) wherever possible. MFA will fortify your online accounts by enabling the strongest
authentication tools available, such as biometrics or a unique one-time code sent to your
phone or mobile device.

Connect to a Secure Network to Access any Work Accounts

Home routers should be updated to the most current software and secured with a lengthy,
unique passphrase. Your employees should not be connecting to public WIFI from their
corporate-issued device.

Separate your Network

Keep your company devices on their own WIFI network, and make sure your personal devices are on their own. In this hyperconnected age, our home networks often have a large number of smart devices connected, such as TVs, games consoles, refrigerators, etc. These devices
quite often have little to no security and can be used to gain access to your home network.
Segregating these devices from corporate devices can significantly reduce the possibility
of a security incident.

Keep Devices with you at all Times or Stored in a Secure Location When Not in Use

Set your device to auto log-out if you walk away from your computer and forget to log out.

Limit Access to the Device you Use for Work

Only the approved user should use the device (family and friends should not use a
work-issued device).

Use Company-approved/vetted Devices and Applications

Use only approved tools that have been vetted by your company’s security and IT teams.
Do not substitute those with personal or preferred tools when collaborating or completing
your tasks.

Update your Software

For all your devices such as phones, tablets, and other network-connected devices, ensure  your IT team keeps them up to date with the manufacturers' latest
security releases to protect your company further.

For a PDF version of these security tips to distribute to your staff, click here. 

To better prepare for any future cyber attacks on your organization, you can reach out to your local Secret Service Electronic Crimes Task Force and request to join their mailing list. This division regularly communicates emerging threats complete with real examples of hacking attempts.  

If you have any concerns, you can reach out to SIS Support at:

SIS Hospital: support@sisfirst.com | 800-944-3896
SIS Complete: cloudsupport@sisfirst.com | 866-265-2434
Amkai: support@amkai.com | 866-265-2434
AdvantX: advantxsupport@sisfirst.com | 800-562-7069
Vision: visionsupport@sisfirst.com | 800-246-0875
SurgiSource: surgisourcesupport@sisfirst.com | 800-447-0104