The outbreak of coronavirus (COVID-19) has impacted communities across the US and the globe. In efforts to limit the spread of the virus, more companies have transitioned their employees to work from home. With more people telecommuting than ever before, the scramble to provide access to email, shared files, and maintain typical workflows can be daunting. However, above all else, security has become one of the most critical factors of remote work that a company should not overlook. Outside of the confines of your office’s secured network, new threats are posed to your confidential information.
From the use of personal devices and unsecured networks to scams that target remote employees, remote work provides new challenges to securing your data. However, there are several steps you and your team can take right now to mitigate vulnerabilities and protect your business data from a potential breach while your employees work from home. If your staff is unexpectedly working from home, consider the following to ensure data security:
Determine Your Cybersecurity Policy
Admittedly, at this time, those who do not have an existing cybersecurity policy may need to devise a plan to move forward quickly. Start with the basics listed below, and allow room for the policy to be updated at a later date. However, be sure to communicate both the original policy and any updates to all employees clearly and provide clarification of any technical requirements in layman’s terms.
Mandate Secure Internet Connections
Many of those switching to remote work during this crisis may be using an unsecured Wi-Fi network to get their jobs done from home. An unsecured Wi-Fi connection is the easiest entry point—and biggest vulnerability—to your company data. The best solution to ensuring a secure connection is to use a virtual private network (VPN), which encrypts internet traffic regardless of whether or not a secure Wi-Fi connection is used. Because the current climate requires working from home, rather than at a café, coffeehouse, or airport with an unsecured network, at minimum, workers should protect their household’s Wi-Fi with a strong password.
Ensure Strong Passwords
You’ve heard it before, but reiterating the importance of strong passwords cannot be overstated. Having unique passwords for each of your accounts is a crucial layer of protection that must be enacted. Passwords should be lengthy—at least ten characters—and comprised of upper and lower case letters, numbers, and special characters. Consider using a trusted password manager to keep difficult-to-crack passwords readily available.
Enable Two-factor Authentication
Whenever possible, opt into two-factor authentication or two-step verification for accounts offering this feature to make it that much more difficult to hack into your network or online applications. Typically, for remote work purposes, the second authentication or verification method includes a code sent via email or text message.
Protect Employees’ Personal Devices with Antivirus Software and Updates
Many personal devices may not include the same security features as those in your office, specifically antivirus software. This software detects and blocks malicious software, or malware, which is designed to attack devices and cause damage or gain unauthorized access to otherwise confidential data or networks. Purchasing malware protection for your remote employees’ devices should be considered, as it is a small investment compared to paying a ransom for stolen data, losing files, or having your system breached. Moreover, require employees to make any recommended updates on their personal hardware and software to ensure the latest security measures are in place.
Educate Your Staff on Phishing Scams
Those with nefarious intentions will no doubt view the coronavirus crisis as an opportunity to steal your data. One avenue to do so is through phishing scams. Phishing scams happen when an outside source attempts to trick a user into providing them with sensitive business information, such as usernames, passwords, credit card numbers, or other vital company information. Often, these emails are cleverly disguised and can even appear as though they are from a co-worker. Without being able to confer with co-workers about whether or not the email is legitimate makes your staff more susceptible to take the bait by opening malicious attachments, clicking suspicious links, and more. All of this puts your data at risk. Educate your team on such scams and implore them to err on the side of caution when they deem any correspondence as fishy.
There are several steps business leaders can take as well to secure their data when their employees work remotely, including establishing a separate, external network dedicated to remote access, setting up VPN access, enhancing encryption, end-point detection and response, remote access logging, and more. To learn more about what you can do to protect your data while employees work from home, contact us today – or – watch our previous webinar.