Office Hours: Webroot and COVID-19 June 9, 2020


Userlevel 7
Badge +48

Hello Webroot Community, 

I wanted to create a space for us to come together and discuss Webroot and COVID-19.

Consider this our office hours. 

In case you might have missed it, we created a page here where we’ll keep a running list of articles, blog posts, and other pieces of content about our COVID-19 response.

If you have specific questions on what we’re doing as a company during the pandemic and our tips for how you can stay cyber resilient in these uncertain times. 

Please add your questions below or join us Tuesday, June 9, 2020, at 1:00 PM - 1:30 PM MT.


This topic has been closed for comments

10 replies

Userlevel 7
Badge +48

Hello Webroot Community, 

Hope you’re Tuesday is going well and that you’re staying safe this week. 

We’ll get started in a little bit with the usual cast of characters.

Hang tight. 

Userlevel 7
Badge +48

As always, thanks for writing in your questions. We got a great response and (hopefully) will have time to get to all of these questions. 

With that, we’ll get started!

  • Changes to work environment that will stay with us even after this covid ends - Ramy
  • How long will you work from home? -Ashley D.
  • What kind of attacks are we seeing most of during the COVID-19 pandemic? -Daniel G.
  • The most recent Webroot cyber update showed a lot of data breaches across the nation, what do you think the financial fallout was from this? Do you think this was primarily caused by the insecurity of home working environments? -Tara H.
  • What additional measures have you been able to put in place for home users? -Carl P.
  • At a time where scamming is at its highest, what are your top tips for users working from home? -Russell H.
  • Which best strategy to protect personal devices often used in smartwork situation?  -Andrea R.

 

 

Userlevel 4
Badge +3
  • Changes to work environment that will stay with us even after this covid ends - Ramy

Regarding the first question we have seen a number of things become more important during COVID and the following we see staying after COVID is past:

  • The ability to WFH will be built-into standard employee practice, to provide flexibility to both the employer and employee outside COVID
  • Laptops will become the standard provided, rather than Desktop computer, except for those that absolutely need the power of very intense processing, storage etc. (although even that could be provided in a cloud environment)
  • Additional equipment will be provided to make WFH more practical, and allowances for home equipment
  • Higher usage of cloud environments either run by MSPs or Cloud Hosting Providers and abstraction of most no-sensitive IT to the Cloud
  • Growth in sophistication of collaboration software – currently Teams; Zoom and others are OK, but there is not really a go to intuitive fully functional solution for doing all aspects of business (hopefully MS will step up as there is lots of user input available now!!)

On the IT Security front:

  • We’ve really been living in a pretty perimeter less world for a while now, while larger companies have invested in WFH SMBs have not needed to invest in such security. Now they need to have the basics in place for safer WFH, namely:
    • Minimum WFH IT Security Policy that mandates any network or device access acceptable practices
    • VPN connections
    • Stronger user authentication access controls – past username and password to 2FA or MFA
    • Ability to remotely manage devices either via using an MSP service or adopting MSP like RMM tools
    • Up to date endpoint protection
    • Regular vulnerability scanning of remote assets and patching
    • Some form of Internet protection (DNS or Secure Web Gateway) so both security and access controls are in place for better productivity of WFH
    • Cyber Awareness Training
    • Backup and Recovery of endpoint devices as standard – most SMBs just focused on Servers not desk or laptops – maybe with a full Disaster Recovery plan in place too.  

So we can expect lots of permanent changes because of COVID 

Userlevel 4
Badge +3
  • How long will you work from home? -Ashley D.

How long I will WFH is interesting, especially as I’m in the office today as I lost Internet connectivity due to a severe storm last night and generally the connection has been bad.

However, I’m probably like everyone else, until I feel its safe for me to return, or there is a treatment in place that is almost 100% successful. It will of course vary by risk factors (age/pre-conditions) and we have already seen.

OpenText our parent company put in place in office restrictions for a more gradual safe return to work.  Of course we shut some of our smaller offices, so there are some Webroot staff who will now permanently WFH.

There will undoubtedly be a lot of hybrid approaches to this, but putting the health and safety of staff first while at the same time allowing the business to function and customers to be fully satisfied and 100% served all come into play too.

We have generally as a company been told that we can work from home until September 8th if we wish. By which time things will be less confusing!  By the way today I have seen 2 other staff members, so being in the office is an exception still!

 

Userlevel 7
Badge +24

As always, thanks for writing in your questions. We got a great response and (hopefully) will have time to get to all of these questions. 

With that, we’ll get started!

 

  • What kind of attacks are we seeing most of during the COVID-19 pandemic? -Daniel G.

Phishing malspam into ransomware is probably the most popular right now. They have adaptive to the COVID19 landscape and basically all of the emails now are around COVID, usually themed with CDC guidelines, COVID testing for free and anything related. The email contains a word doc that wants you to run a macro. Once clicks that enable content button, it will download trickbot or dridex which will analyze the network so criminals can decide what kind of environment they are in and ballpark figure of what they want to charge for ransom. One change that we’ve seen recently is that criminals will now steal the data before they ransom, so in the case that you decide not to pay the ransom because you are able to bounce back without the files they encrypted, they will just auction or release the data so your company faces ramifications of things like GDPR and CCPA.

Userlevel 4
Badge +3
  • What additional measures have you been able to put in place for home users? -Carl P.

Additional measures have been pretty significant from taking pay cuts to closing offices and shedding staff at the outset to ‘weather’ the situation.  Outside of that though, Webroot was already equipped to let all staff pretty much WFH. So, from a security policy and network access perspective we had a lot of the IT Security and general IT policies, rules and systems in place.  However we have done more to let staff take home chairs, screens and other ‘office’ equipment to make it more comfortable WFH.  But really the main measures  have been around establishing strong, regular communications and assistance routes for us to receive and exchange information as needed around WFH. We also have a company wide OpenText initiative called Project Shield that started way back in January looking at COVID implications (as we have lots of offices in SE Asia) that is now setting central standards and policies so staff worldwide are informed, aware and able to navigate things locally.

 

Userlevel 7
Badge +24

As always, thanks for writing in your questions. We got a great response and (hopefully) will have time to get to all of these questions. 

With that, we’ll get started!

  • The most recent Webroot cyber update showed a lot of data breaches across the nation, what do you think the financial fallout was from this? Do you think this was primarily caused by the insecurity of home working environments? -Tara H

Most of those breaches happened before the impact of Covid. You do raise a very good point and with much of the workforce working at home, potentially on a personal device, the likelihood of breach there only increases. The landscape was already riddled with breaches, and soon I think we will learn of even more breaches and once all details were disclosed we’ll find that it was during work from home orders

Userlevel 7
Badge +24

As always, thanks for writing in your questions. We got a great response and (hopefully) will have time to get to all of these questions. 

  • At a time where scamming is at its highest, what are your top tips for users working from home? -Russell H.

· 1) VPNs are a must in this COIVD19 era of massive work from home.

VPNs add a layer of protection by encrypting traffic to not be viewable by malicious actors and by filtering out malicious webpages like phishing. Also a great idea when working from home and dealing with personal data of customers - keeping that data encrypted while in transfer

· 2) Back up your data, ideally both online and offline. Good idea to also password protect customer data while at rest. The last thing you want is criminals to phish your cloud credentials and be able to take all that stored data that could be customers data

· 3) Use strong passwords that are unique and lengthy. 15 characters at least (idk why 8 is the standard) since you can crack 15 characters in 15 hours. 

· 4) Implement 2FA in all login portals. This is huge in case any credentials are phished, any criminal would also need access to device to log into accounts from different locations

Userlevel 7
Badge +24

 

 

As always, thanks for writing in your questions. We got a great response and (hopefully) will have time to get to all of these questions. 

With that, we’ll get started!

  • Which best strategy to protect personal devices often used in smartwork situation?  -Andrea R.

Can you help by defining what a smartwork situation is? I’m having trouble clarifying that?

I’m guessing how to protect computers while using them at work so I will answer that. 

· 1) VPNs are a must in this COIVD19 era of massive work from home.

VPNs add a layer of protection by encrypting traffic to not be viewable by malicious actors and by filtering out malicious webpages like phishing. Also a great idea when working from home and dealing with personal data of customers - keeping that data encrypted while in transfer

· 2) Back up your data, ideally both online and offline. Good idea to also password protect customer data while at rest. The last thing you want is criminals to phish your cloud credentials and be able to take all that stored data that could be customers data

· 3) Use strong passwords that are unique and lengthy. 15 characters at least (idk why 8 is the standard) since you can crack 15 characters in 15 hours. 

· 4) Implement 2FA in all login portals. This is huge in case any credentials are phished, any criminal would also need access to device to log into accounts from different locations

See more here

https://www.webroot.com/blog/2020/03/19/staying-cyber-resilient-during-a-pandemic/

Userlevel 7
Badge +48

Thanks to everyone for joining us today and to @GeorgeA and @TylerM for helping us answer questions. 

If anyone has any additional questions, be sure to stop by next Tuesday at 1:00 PM MT. or add your questions here and we’ll do our best to answer all of them.

Until next week, stay resilient!