With the COVID-19 lockdown in place, millions of us are working at home, many for the first time.
Business continuity plans have been implemented and companies are being tested as never before. Significant challenges arise as companies, many with little experience in managing a remote workforce, have been thrown into the deep end. Getting work done efficiently and ensuring smooth communications between distributed teams are overwhelming concerns. But with many employees working outside the office for the first time, hackers and cybercriminals are rubbing their hands together in glee. Our vastly increased reliance on digital tools, in a crisis climate rife with uncertainty, has created a target rich environment for cybercriminals. However, there are a number of measures both companies and employees can take to enhance security.
All employees should connect through a corporate VPN when possible
A corporate virtual private network (VPN) enables employees to access a secure end-to-end encrypted connection to cloud resources on a company’s network. The encryption means that an employee device, no matter where it is located, will not be accessing company resources through an open connection that is more vulnerable to attack. The VPN will also have a firewall and network-level protections in place to filter data transmitted through the network.
If for some reason you don’t have a corporate VPN, there are also services you can download, both free and paid. Be aware though, that these VPNs may track your personal data for marketing purposes, compromising your privacy. Look for a reputable provider, such as NordVPN or Disconnect Premium, and do you research. Some companies may have policies in place relating to the use of a private VPN, given that these networks can be used for nefarious purposes as well as for increased security, so be sure to discuss this with your IT department.
Take extra precautions with home WIfi
For remote employees, the Wifi network offers an attractive entry point for the unsavory. As a first step, change the default password and keep it to yourself. The more users who have access to the network, the more opportunities for breach by a criminal. If your router allows, set up more than one network and keep company laptops, phones and tablets separate from personal devices and IoT devices such as video cameras, Alexa and the like. Do not allow children to use the dedicated corporate network for their devices.
Choose robust passwords over convenience
It’s tempting to use a meaningful word or date as password. Who can remember them all? Tempting though it may be, don’t use your dog’s name as your password – a random string of numbers, letters and symbols is always the most robust option. Use a password manager to keep your passwords safe and accessible. For companies, once passwords are set, extend the lifespan so the password doesn’t expire while employees are remote. Trying to reset a password remotely runs the gamut from deeply inconvenient to impossible.
Ensure that employees update software regularly
How many among us, when those pesky messages crop up haranguing us to update our operating systems, actually do so? We click “remind me tomorrow” and carry on with business. Those updates are sent out for a reason – to protect you against threats as they appear. Hackers are diligent as well as ingenious and conjure up new forms of online pestilence at a rapid clip. Don’t make it easy for them. Remember that updates apply to your antivirus software and router as well.
Use two-factor identification
One of the best ways to enhance online security is to use two-factor identification, combining a password with a second step in the log-in process. Once a password is entered, the user is sent a code via text, email or push notification. One of the most secure options is to use an access token generated through an app or a physical device.
Provide employees with backup Internet connectivity
For the remote worker, there is no greater disaster than losing a Wifi connection. During this crisis period, the strain on Internet providers is vastly increased. Consequently, the chance that local service may be compromised is significantly greater than usual. To guard against business interruptions caused by connectivity issues, provide mobile Internet services as a backup. The major cellular service providers all offer convenient mobile Internet options.
Vigilance is always the best policy
While cyberthreats may have increased in severity with the Coronavirus crisis, there will always be cybercriminals ready to exploit any vulnerability they can find. It pays to be suspicious: don’t open strange emails and be especially cautious about attachments. Beware of phone calls from unknown individuals claiming to be from IT support. Speak only to those you know, or those who can verify their identity as part of your company’s IT team. Companies and employees alike must unite to prevent cybercrime, and during the current crisis teamwork is more important than ever.