Table 5.
Implementing “Drive-by downloads controls” to WFH users.
Stages | Description |
---|---|
Stage 1 | The IT department is required to organize a short online module with quizzes and answers to teach working from home users about drive-by download attacks and its potential to spread ransomware |
Stage 2 | All working from home users are required to complete the short modules with quizzes and answers before moving to stage 3 |
Stage 3 | Using any online face-to-face medium, the IT department are required to personal teach working from home users about the concept of drive-by download. Repeat if working from home users have not yet understand the concept of drive-by download |
Stage 4 | Using any online face-to-face medium, the IT department must now demonstrate how to respond appropriately to potential drive-by download attacks. For instance, IT may say that a phishing email may have an embedded suspicious link which could lead them to a drive-by download page and one must not press on. Repeat if working from home users have not understood how to respond appropriately to potential drive-by download attacks |
Stage 5 | Using any online face-to-face medium, the IT department is required to go through all the “Do not Drive-by download” with working from home users. For instance, IT may show to working from home user how to correctly use and install Web filtering software. Repeat if working from home user have not understood how to appropriately apply the security measures from “Do not Drive-by download” |
Stage 6 | At this stage, working from home user would now have a strong comprehension about the concept of drive-by download, how to appropriately respond to it, and how to use and appropriately apply the security measures from “Do not Drive-by download” |
Stage 7 | Every 6 months, the IT department must go through stage 2 with working from home users to ensure that they are up to date with their skills. Stage 3, 4 and 5 are other optional stages working from home user may wish to go through again to help retrain themselves |
Stage 8 | In the future, an organization may recruit new working from home users. The IT department are required to go through stage 2–7 with the new working from home users |