As the pandemic infiltrated our nation and country, a strategy to flatten the curve shifted work offsite, requiring workers to remote work or connect from home. That fundamental change put new strains on infrastructure and also opened individuals and organizations up to cyber threats. These changes begged the question on if our state was prepared for this new normal of telework, telehealth, and distance learning.
GNDC asked Chief Information Security Officer, Kevin Ford the following questions:
What is the North Dakota Information Technology doing to protect North Dakota’s data during COVID-19?
What cyber security issues are you seeing now that you didn’t see pre-COVID or ones that are increasing during this time?
What steps should people take immediately regarding cybersecurity?
What resources do you recommend to be aware of cybersecurity threats and best practices?
What percentage/numbers of state workers are working remote and is there a plan or timeline in place for bringing state workers back onsite?
To further gain an additional perspective from private industry, we sat down with BEK Communications Chief Technology Officer, Jesse Gunsch. Their BEK Cares Initiative and additional efforts such as doubling speeds and offering new customers with needs four months service at no cost received national attention from Federal Communications Commission (FCC) Chair Ajit Pai.
GNDC: Was the state ready for the impacts of the virus-specific to networking, telework, and internet usage? How could we have been more prepared? Gunsch: Overall, North Dakota was well-positioned to handle the changes in the usage and traffic patterns on the networks themselves. North Dakota Telecom and Internet providers have made significant investments in fiber infrastructure, making our state one of the leaders of fiber optic infrastructure in the country. If you took a map of the United States and highlighted all the fiber optics in a nice purple glow, North Dakota would stand out like a large gem in the northern part of the United States. As a matter of fact, North Dakota has the highest percentage of people with access to fiber to their homes. From a network standpoint, we are in a good spot. If it weren't for the rural cooperatives and small telecoms working together for many years to provide internet to the most rural of families in North Dakota, I think we would be having some of the same struggles that other states are having now. Our history of collaboration prepared us well for this.
How is BEK handling the additional demands on the infrastructure?
BEK has been preparing for this type of thing for fifteen years. About ten days out of every year, BEK is dealing with floods, blizzards, tornadoes, or other unique situations, requiring us to work in a hybrid support model during those times. As a result, the effect on BEK has been minimal. The traffic peaks have slightly increased, showing evening usage has risen a little, but not significantly. The most notable change is the overall network usage throughout the day has grown. BEK has always been very proactive. We continually monitor our network. When part of our network infrastructure starts hitting 50% utilization, we will double our capacity on that leg just to make sure we stay ahead of the need. This is a practice we have always kept, so it was not difficult to meet additional demands in this situation to better allow working and learning from home experience.
When COVID-19 hit, BEK stepped up to offer corporate aid, tell us about this, and what was the trigger that made your team do this?
We have excellent access to media and global information in today's world. When we saw all the impacts to other countries before the United States and the steps that they were taking, BEK started thinking about how we would help our communities when the United States would take similar actions. We asked ourselves, how are we going to help families work and learn from home? That question is what drove our BEK Cares program. We made this commitment because we knew that if there were more people in the home working, playing, and entertaining themselves online, they were going to need more bandwidth. We committed to doubling over 10,000 of our customers' internet speeds at no charge, so they could work and learn from home. We also made internet service available free of charge to people living within our service area who did not have internet service. Leading to over 2,000 calls and over 25 new households being installed every day at homes that did not previously have internet service. Keeping to our coop roots, we strive to take care of the people in our communities.
Now that a significant number of people are working from home, is that increasing the risk of cybersecurity threats?
Absolutely. When you look at working from home, it introduces new issues. With the rush to get everyone set up to be able to work from home, many companies went out and implemented solutions that addressed their immediate needs. Very few companies implemented them with proper practices. One of the most common solutions that companies were using had several security issues. One that allowed attackers to access your Windows password and allowing elevated access to Macs. Those are things in the background that people don't realize are happening. Problems do not generally come from these solutions themselves, it comes down to making sure that they are implemented correctly. There are also soft risks with many solutions as well when human nature is introduced to the equation. For instance, when people step away from their system in a home environment, they may not be as cautious as to when they walk away from their systems in a work environment. Also, when working at home, people may have a tendency to do some personal web browsing that they might not do at work and that introduces potential security problems. During this time, multiple websites that claimed to have an updated map of the spread of COVID-19 that was putting Malware on people's computers after they accessed the map. It was an easy mistake to make for someone who was searching for information. Always remember to separate your surfing habits, do work on work systems, and general surfing on your home equipment.
What are the steps people can take to be safe online?
With news and social media at our fingertips, one of the most basic and straightforward items is to utilize are antivirus products and make sure you keep them up to date. Antivirus products today cover a broad range of security support, protecting you from malicious websites, phishing emails, networking events, and questionable applications on your system. It is just as important is to use unique login passwords for each of the sites and apps you use. Many times people use the same password for everything, while convenient, this is a terrible idea. If that password is compromised, the hacker's job will be considerably easier getting into your other accounts. If there is an option for Two-factor identification, I would strongly encourage users to take advantage of this security feature. Oversharing is one more thing people should be cautious about when using social media. Only share with friends and trusted people and make sure that they are not able to re-post your posts. Think about some of the questions that people are posting and answering online (what was your high school mascot? What is your favorite color? What street did you grow up on? First car?). Now think about the challenge questions that websites ask to allow you to log in or to retrieve your forgotten password.