Ready or not, it’s NFL draft week. After much debate over how to hold the NFL draft, teams are now on the clock as they prepare for a draft like none before. However, as the league and teams have worked to build out a virtual draft infrastructure that relies on technology like Zoom or Microsoft Teams, many are more vulnerable to hackers than they realize.
Following are 5 tips to tighten security protocols that teams need to implement now:
- Leverage both strong passwords and multifactor authentication for meetings channels. While Teams has seen far fewer issues than Zoom, it’s still possible to hack into Teams channels. Using both to access your Teams channel will be crucial in preventing weak passwords being leveraged or phishing attempts.
- Scrutinize every email. Far too often fake emails are used to launch phishing attempts. Get your security team to review every email – especially external emails – to ensure the legitimacy of those communication channels.
- If using Zoom, follow corporate best practices. Leverage random meeting IDs, which makes it harder to guess IDs and join meetings without actually being invited, a technique known as Zoom-Bombing hack into meetings, assign meeting passwords, and set wait in lobby features to safeguard your communications. However, software such as Zoom and Microsoft Teams are still susceptible to security flaws as we saw last week when it was disclosed that two Zoom flaws could exist that could potentially lead to code execution against Zoom Windows clients during a meeting and a macOS bug.
- Tightly manage your social media channels. Closely manage all your social media channels – especially Twitter – and limit access. Leverage usernames and MFA to guard against hacks aimed at spreading false information.
- Scrutinize all your communications. Every piece of communication should be checked and double-checked. For example: in the rush to set meetings, be sure meeting invites are going to the right people. It’s easy to add the wrong person or email to a meeting invite.
Your security teams should be all hands on deck not only this week but daily. Implementing these best practices are good not only now, but moving forward for your organization.