As the nation transitions into the endemic phase and more employees start to return to work in the office, companies should maintain their guard and continue to assess their vulnerability risks to cybersecurity threats and ensure that the appropriate controls are implemented to address such risks.
Authentication allows a Company to confirm the identity of employees who are trying to access the Company’s IT resources. Multiple, robust forms of authentication can be considered including Multi-Factor Authentication (“MFA”) where, if a username or password is compromised, the second line of defense should kick-in, e.g. push notification to a phone or even biometric authentication such as fingerprints.
Furthermore, passwords should be strengthened and multi-factor authentication should only go into devices that have been previously verified and enrolled.
To aid in the above, the company should also implement malicious content filtering to prevent email-based attacks, besides strengthening their web filters and firewalls to restrict communication with malicious sites and potential attackers.
Monitoring & Testing