Protect yourself and your company’s data from cyberattacks while you work from home by following a few commonsense guidelines.
Before the COVID-19 pandemic, the ability to work from home was treated more like a privilege or benefit for most American workers. Since then, it has become a necessity for many. In accordance with social distancing guidelines, record numbers of enterprises have moved operations from offices to employees’ homes to support business continuity.
But what does this mean for your cybersecurity?
At a time when physical health and safety are in all the headlines, it’s easy to forget about the health and safety of your technology. But hackers and scammers using malicious software are all too happy to take advantage. They’re ready to target vulnerabilities in your IT infrastructure as everyone transitions to working from home. No matter how good your defenses were before, you should anticipate new weaknesses to emerge during this transition.
Four Questions to Ask to Help Prevent Cyberattacks When Working From Home
While your employees stay home to prevent the spread of coronavirus, they can also do their part to protect personal information, systems, and company data. Meanwhile, you can beef up your cybersecurity behind the scenes. Just ask yourself the following questions and check them off as you address them.
- Have you educated employees about cybersecurity issues and remote work?Your employees can’t help you protect your enterprise from cyberattacks if they don’t know how. So, let them know what you expect of them, and how to follow good cybersecurity practices while working from home. You can do this through email, online training, video conference calls, or virtual team meetings.The main thing to remind them of is that existing rules for work devices remain, and it’s more important than ever to use them appropriately. Working from home sometimes blurs the boundaries between professional life and home life. When your spare bedroom or kitchen table suddenly becomes your office, it’s easy to forget that work devices should still be used solely for work.To keep work devices private and your enterprise’s data secure, communicate to employees that work devices should not be shared with family members. The more personal activities done on a work device, the more likely the device will encounter malware. If that device is connected to your enterprise’s VPN, the malware now has unauthorized access to your entire system. Hopefully, you have firewalls and other defenses in place, but those defenses might not be designed for the influx of cyberattacks that personal internet use can subject your computer system to.
If your employees use personal devices for work, you need to issue a different set of guidelines:
- Do not connect home computers to the work VPN.
- Keep operating systems up to date and use built-in security features.
- Install antivirus software if a home computer doesn’t already have it.
- Do not use the same passwords on home devices as devices at work.
- Do employees know what COVID-19 scams look like?A unique cybersecurity threat that has emerged during the 2020 pandemic is COVID-19 scams.Cybercriminals are flooding the internet with many types of malware, such as malicious emails, links, and downloads under the guise of coronavirus information. When your employee unsuspectingly opens one of these, they expose whatever device and network they’re on to malware and phishing scams. If they are connected to your enterprise’s network at home, your enterprise is now at risk.Make sure you warn employees about this threat and ask them to be aware of suspicious websites and communications such as:
- Dubious websites about coronavirus.
- Emails from people posing as representatives of the CDC, World Health Organization, and similar agencies.
- Fake emails from businesses, schools, and other organizations promising updates about closures.
- Are you strengthening your cyberthreat detections and defenses?You know that your enterprise is at higher risk for cyberattacks during the transition to work from home. How do you plan on catching threats and breaches?Here are some suggestions:
- Set up remote desktop applications to gain access to sensitive data.
- Implement multi-factor authentication for sign-ins, so it’s more difficult for unauthorized entities to sign into critical infrastructure and applications.
- If you issue enterprise-owned devices, ensure they can be remotely wiped if necessary.
- Use security orchestration, automation, and response (SOAR) technologies to collect security data and issue alerts if you don’t already.
- If you use a VPN, discuss network security measures and solutions with your provider. You will most likely need to increase the number of simultaneous VPN connections to start with.
- Work with a managed security service provider (MSSP) to explore other cyberthreat detection tools and technologies.
- Are you prepared to continue managing your cybersecurity from home?Everyone is facing new challenges due to the COVID-19 pandemic.While you support your enterprise’s employees, who is supporting you and your cybersecurity efforts?You can relieve some of the added stress by working with a trusted managed security service provider. MSSPs are adept at finding solutions for cyberattack prevention, detection, and remediation. They work behind the scenes 24/7 to protect your enterprise’s systems and data from the threats of malware, viruses, and hackers.
ATSG — Transforming the Customer Experience Through Tech-Enabled Managed Services
Today’s choices for mobility, cloud, contact center, infrastructure, unified communications, applications, and operations are mission-critical for small, mid-sized, and large enterprises alike. ATSG, Inc. is leading the transformation into Technology Solutions as a Service with our tech-enabled managed services portfolio and a commitment to technology innovation, operational excellence, and client intimacy. Recognized by industry leaders and industry-leading publications, ATSG has 25 years of operating history delivering exceptional customer experiences that directly result in competitive advantage, cost-savings, growth, and improved operational efficiencies.