When the World Health Organisation (WHO) declared COVID-19 as a global pandemic back in March, there was a rush to get employees prepared for working from home. As a result of this rush, security considerations for remote working took a back seat for many companies.
It is only now that the dust has settled and people are accustomed to working from home that security issues are coming to light. However, for many companies it is too late and cybercriminals have already taken advantage of vulnerabilities. As a result, 2020 has seen higher levels of cyber threats and cyber-attacks than ever before.
So how can security be improved when working remotely?
All employees should be aware how their actions may compromise security when working from home and what steps they can take to protect the company’s networks and systems.
Therefore training should be provided to help employees understand how cybercriminals exploit weaknesses, especially in a remote environment. This will help employees to better equip themselves so that they can prevent attacks from happening in the first place.
Using strong passwords helps to protect businesses from hackers. Businesses should use long passwords with a mixture of characters, including upper case, lower case, numbers, letters and punctuation.
For an added layer of security for remote working, two-step authentication processes and unique passwords for different logins should also be used where possible. If you have several different logins and passwords, Password Managers such as LastPass are useful applications for securely storing all passwords and logins.
In a global report by Vanson Bourne on the current state of email security, 58% of respondents noticed an increase in phishing attacks between February and March of this year. This noticeable increase is most likely due to cybercriminals exploiting the vulnerabilities associated with working from home.
Therefore, to prevent cybercriminals from getting access to confidential information via emails, companies need to introduce encryption and the robust management of corporate emails. Encryption disguises the content in emails so that potentially sensitive information is protected and only the intended recipient can see it. Training should also be provided for employees to educate them on what to look out for with phishing emails.
A VPN or Virtual Private Network is used to guarantee anonymity and online privacy for public internet connections by making it a private network. VPNs are important for remote working because they can secure a connection, even if an unsecured home network is being used. If any cybercriminal tries to intercept the data flow, they will only see encrypted and inaccessible information.
Any devices that are owned by the organisation should be properly protected using software such as antivirus, web filtering and device encryption. However, it is not enough to have this software installed on work devices, it needs to be regularly updated for it to be effective.
Cloud-based security solutions
COVID-19 and the transition of remote working has increased the speed that companies are shifting to cloud-based solutions. These solutions are helping companies of all sizes to protect their now widely distributed environments. Companies who are now working from home should implement cloud-based security solutions to ensure that the company is safeguarded and threats can be identified quicker.
In conclusion, cyber resilience strategies and cybersecurity awareness training will be critical to keeping businesses operating efficiently and safely during the ongoing pandemic, according to the global state of security report. This will make the biggest difference for companies and may even determine whether a company survives or fails in this uncertain economic climate.
Written by Michelle Young