March 20, 2020
by Russell Hatfield
The widespread disruption caused by the coronavirus pandemic is hitting small and medium sized businesses hardest. Workers across the world are now working remotely at a scale never before seen. This of course brings challenges but also vulnerabilities.
With staff out of the office, there is much less control over your cybersecurity. In your office you can control access to your servers, you know how secure your routers and access points are and you have physical control of who is using devices. In many respects, you may now be reliant on your staff to maintain proper cyber hygiene.
Below are some tips and strategies you can share with your workforce to maintain a level of cyber resilience during these times under quarantine.
- Warn Employees: Lock your screen… always! – You may not know who your employees are around while they’re working remotely. One of the easiest ways to mitigate risk is to train your employees lock their screens when they’re not using their devices.
- Warn Employees: Beware of Who Might Overhear You – Not only do you want staff to keep what’s on their screens safe but with everyone teleconferencing in from home, employees need to be wary of who might overhear their conversations. Whether it be family members or neighbors, tell them to be especially cautious if those conversations include sensitive work data.
- Warn Employees: Ensure Your Wi-Fi Security – Many people do not update the firmware for their Wi-Fi routers. One of the easiest avenues for hackers to steal data is through hacking routers with outdated firmware. Inform your workers that they should keep their firmware updated and to implement appropriate firewall protection.
- Ensure Secure Connection to Work Environment – You should employ some form of end to end encryption or use of a VPN so your employees can to safely connect to protected servers. If you already utilize a VPN, advise your staff to disconnect from the VPN periodically if possible. Exiting and re-entering the internal network SHOULD trigger a full security scan of your device automatically.
- Check Security Software is up to Date – If you can remotely keep anti-virus software, privacy tools, browser extensions and other software up to date for your employees, that would be ideal. Otherwise, make sure to remind staff to update all essential software regularly.
- Create a Backup Strategy – Make sure you have backups and checks in place for your most important files to maintain business continuity in a worst case scenario.
- Maintain Adequate Support – Undoubtedly there will be issues for your workers. You want to make sure you have support staff in place to help remote staff keep things running smoothly.
- Create Incident Response Procedures – In case of a cybersecurity incident you want to make sure there is a plan in place to handle the issue remotely. You also want to make sure you release guidance to your staff on what to do if there is a data breach or incident.
It is also important to keep your employees alert and aware of cyber threats and dangers. Bad actors are already using the pandemic as an opportunity to profit. Just last week we published a blog about phishing email attacks pretending to be from the CDC as a warning. If you have any questions about protecting your business and remote staffers or just about cybersecurity in general, please reach out to us. We are happy to help.