Adapt cybersecurity practices to teleworking
EEven as the pandemic begins to subside, more companies are allowing staff to continue working remotely rather than bringing them back to the office.
This has many benefits for employees and employers, including greater flexibility and better morale, less (or no) time to travel, savings in travel costs, reduced impact of car trips on the environment, etc.
But with more and more people working remotely, the risks of cybercrime attacks increase, as does the need for better cybersecurity to deal with new challenges.
How cybersecurity has changed with remote working
When the pandemic started and companies had to move quickly to remote working, it was all about getting everyone in place with what they needed to do their jobs as quickly as possible and not necessarily deepening the depth of the work. cybersecurity as they would otherwise. have done. It was fighting the fires, outright, just to make sure the work could continue as before.
As the pandemic progresses and more employers plan to allow remote working after the pandemic, cybersecurity departments must now ensure that they are on top of all the risks to their business. which could turn into permanent remote work.
If this has not already been done, at this point IT departments are now likely to introduce and enforce work-from-home policies, the use of business-only laptops, staff training on how to use them. way to protect yourself, etc.
The challenges of remote cybersecurity for companies
Cyber security was previously more centralized and relied on corporate firewalls, the internal IT team or the managed service provider, and a system that automatically pushes updates and patches to software.
Now, cybersecurity teams have to deal with individuals using laptops that aren’t a problem for the business, access the internet through home broadband, and use their business laptops for personal use, among other challenges.
Not only has the number of cyber attacks increased dramatically during the pandemic, so too has the risk simply because staff are working from home and don’t know how to stay safe or don’t think about doing things in a way. which mitigates the risk of cybercrime.
HP produced a report on this issue only which revealed alarming statistics, such as the following:
“70% of office workers surveyed admit to using their work devices for personal tasks, while 69% use laptops or personal printers for their work activities.”
“27% of those surveyed are using their work device to play games more than before the pandemic – reaching 43% for parents of children aged 5 to 16. “
“27% of office workers surveyed say they know they’re not supposed to share work devices, but feel they don’t have a choice. “
It’s a disturbing read for any IT security professional and shows what they face in trying to protect their businesses from attacks.
How can companies protect teleworkers?
Businesses need to ensure that their IT departments are fully aware of the risks of remote working and make every effort to secure all systems, including those that work from home.
One thing that can make a big difference is education. If businesses teach their remote workers how to set up their home offices securely, including how to configure Office 365’s own security measures, how to spot phishing scams, and what to do in the event of an attack, staff will then know how to help and how to guard against cyber attacks.
Another useful tool is to create and enforce company policies on remote working, including email security, acceptable use, personal use, allowing other users to use work computers, etc. With an appropriate policy, approved by senior management, staff have clear guidelines on what they can and cannot do.
Employers can also enforce the use of strong passwords, different passwords for each application, and regular password changes. This can be done by the IT team using password management software, and employees can be encouraged to use applications such as LastPass to generate and remember strong, impossible to guess passwords. . This reduces the likelihood of staff using the same password for everything and helps prevent hackers from cracking weak passwords and then going deeper into the network.
These measures, along with a range of other IT solutions, such as antivirus, firewalls, work only, corporate laptops, endpoint security, and two-factor authentication can help. to ensure the safety of remote workers.
What preparations should a company make for a remote cyber incident?
As you would expect, this takes a lot of planning, including examining your mission-critical systems, planning what to do if they go down, setting up regular and secure backups, and running it. developing a plan to quickly recover from such an attack.
Of course, prevention is better than cure, but it’s always better to be prepared and know what to do if the worst should happen.
Authors biography :
About Nathan Hill-Haimes
Nathan is an investor and co-founder of Amvia, serial telecom entrepreneur and inbound marketing expert. From his home on the North Devon coast, Nath works with a portfolio of technology, real estate and sports investments through his Croyde Bay Ventures fund. When not working, Nath can usually be found surfing, mountain biking or walking the North Devon coast with Wilf his working Cocker Spaniel.