By now, the impact of COVID-19 has likely made its way to your organization, and like countless others, your employees are working remotely. Perhaps you maintain a skeleton crew on site, but most of the staff is at home. For many firms, this begs a new question: How can you assure yourself and your customers that your cybersecurity stance is as strong as ever during these tumultuous times, while so much has already changed? With that in mind, we would like to offer some tips on how to approach cybersecurity, a few of the best practices you can utilize during this pandemic.
One of the first steps to mitigate risk involves:
- Secure connections to the network. With so many employees working from home, the question arises of just how secure their WiFi connections are. Public hotspots should be out of the question, and the employee endpoints must be password protected as well. VPNs (Virtual Private Networks) can be extremely useful. Cyber thieves are also on the hunt for those credentials, however, so consider using two-factor authentication for your VPN.
- Pay attention to the non-digital risks: stolen devices, unattended machines, screens viewable by others as you work on them. The new reality of people working away from the office exacerbates these issues. Concentrating on them will help employees get in the habit of being more security-forward and mindful of their actions.
Access has also become a trickier and more complex topic than before. Which brings us to our next point:
- Restrict access to sensitive information based on the necessary function. If you already do, great. If not, we highly advise it. Furthermore, whatever security software your firm uses, make sure employees are using it themselves, as well as installing the latest software updates on their own devices to keep their security up to date. Of course, if the security software doled out to them is faulty, the responsibility rests with management, not the end-users. So make sure everyone is on the same page.
Here’s an important tip:
- Make sure employees aren’t discussing business operations through standard text messages or social media. It might be tempting, as social distancing has made those methods of communication even more prevalent than they already were. But a lapse in judgment like this can create problems down the road. It’s as simple as that.
We have already seen how cybercriminals are exploiting people’s concerns about COVID-19. Using phishing schemes and posing as hospitals, major healthcare organizations, or Coronavirus patients (to name just a few), they sneak malware onto a target system. Never click on a link unless you know who it is from and you know what it is. If unsure, consider contacting the sender by email to confirm exactly what the attachment is.
Unsurprisingly, avoiding this type of deceit is one of the most crucial practices you can adopt during this time.
- And for our last tip: Teach your employees how to detect these schemes, which will be of great benefit. There is as yet no cure or vaccine for Coronavirus, so if anyone claims to have one if you just ‘click here,’ all they really have is you in their sights. Be on the lookout for messages like this.
These are just a few measures firms should take during this period of uncertainty. Working remotely, wherever people might be staying, brings a whole host of new risks that businesses really haven’t had to deal with before. Data stored on personal devices is generally far less secure than on enterprise machines. This is where NetLib Security can offer some assistance. Our Encryptionizer software can be rolled out across an organization, with no programming, to provide protection to those devices, ensuring that working remotely doesn’t compromise your critical information.
Whether this new normal turns out to be temporary, or if the repercussions extend far beyond COVID-19, these will remain good security practices moving forward.