We are living in an unprecedented time. The world hasn’t seen a pandemic like this in 100 years, and let’s face it, things are very different this time around. For one, the global population is significantly higher. Secondly, the world has gone digital, which will allow many people to work from home rather than risk traveling to and from the office and potentially getting infected in the process.
With so many people suddenly working from home, companies have had to scramble to prepare for change. One of the most important areas to focus on for any business should be cybersecurity. Your employees are now passing potentially sensitive and proprietary information back and forth over a number of different networks.
It’s a dream situation for hackers because, according to studies, one-third of IT decision-makers have already admitted that their organizations have suffered a data breach as a result of remote working.
And with more and more businesses storing their information in the cloud and using SaaS solutions like business intelligence software and HR software platforms, keeping your personal information and company information safe becomes even more important.
The good news is, there are plenty of ways you can beef up your cybersecurity even after you’ve sent your employees home to work. All it takes is a little bit of planning and some changes to the way you’ve got things set up.
Here are some great tips for getting everyone on the same page and ensuring that your company is secure no matter where anyone is working from.
Update your passwords
Passwords are the first thing that hackers will go for. It should be standard policy in your company to use strong passwords and to update them every six months. However, right now it’s even more important to get those passwords secure. Each employee user account, computer, email and company access should get an update in terms of a new, strong password.
If possible, consider updating to a two-step or even a multi-factor authentication process. This will give you even more security on any sensitive materials. There are many ways to do this, but requiring a randomly generated PIN that you send via text message to employees each time they log in is probably the simplest. It doesn’t require extra technology like a biometric scanner for fingerprints or facial recognition.
Get a VPN solution
Many people know about VPNs (Virtual Private Networks) as a way to hide their geographic location and gain access to online content that licensing regulations prohibit. However, VPNs were actually designed as a security protocol for online and remote working situations.
A VPN will encrypt what you are doing online, making the actual nature of your work and the data you are sending and receiving impossible to see. This prevents hackers and observers from even viewing, never mind downloading and stealing, your important information.
Just be aware that some VPNs can slow your network connection. This means that there may be some lag when you are making video calls or using various other networking programs that are essential for a remote office coming together.
However, there are a number of VPNs that are equipped to keep conference calls from lagging. When purchasing a VPN service, make sure to have a list of your requirements or talk to a salesperson about the various features of the software you choose.
Only work on devices supplied by the company
It is far easier for you as the company to protect yourself if everyone is working on a device that you have bought and have control over. You can set them up so that no one can put any apps or programs onto the device that you haven’t approved.
This means that employees will only be using the anti-virus and protection software that you have chosen. They will also be unable to download games or freeware that can so often be used as a back door for malware from hackers.
If employees are already working on their own devices within your office, take some time to ensure that they are up to scratch in terms of the security programs installed. You can also issue some protection protocols for what to be aware of when downloading content that is not strictly for work.
Check all WiFi networks your employees are using
Public WiFi networks are notorious for being insecure. It’s essential that employees are aware of this should they be working from a coffee shop, mall or conference center. Where these kinds of cases can’t be avoided, provide an encrypted method of connecting to the internet for your employees. This will prevent anyone on the same network from gaining access to their device.
In this time of isolation and lockdown, it’s unlikely that any of your employees will be working on a public network. They should all be working from their own homes. However, it’s still worth checking on the security of their home networks and assisting them with making it as secure as possible. Changing the password to something truly secure is the first step.
Stay up to date on the latest phishing scams
A phishing scam is as old as email and the internet. Hackers send out emails that ask the reader to click on the link. Once this is done, the hacker can gain access to the computer or device, and access to the network it’s connected to. There has already been an increase in the number of such scams happening during this quarantine and high-alert period, with emails claiming to have new or urgent information about the pandemic.
It’s important to never click on a link in an email if you don’t know the person or company that sent it to you. Always try to verify the information in the email before you click on any links. If you do click on a link and the web page you arrive at asks for personal information, never fill in those details.
Hackers are always on the lookout for personal login details. If you do fall victim to a phishing scam, it’s important to change your passwords immediately. Also alert your company of the concern as soon as possible, in case the hacker is able to get into your work email and send out phishing emails to all of your colleagues.
The final word
Just because you’re working from home now doesn’t mean cybersecurity protocols should be relaxed in any way. Protecting your company data and your employees’ data doesn't have to be difficult, and remote working doesn’t mean compromising your business security.
About the Author: Addison is a content editor for Better Buys where she writes about all things software related. When she’s not writing she loves curling up in her papasan chair with a glass of wine and Nintendo Switch in hand.
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
- Blog2022.10.12Vulnerability management with Wazuh open source XDR
- Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
- Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky