We shouldn’t need a special day to follow smart computing habits—yet, today’s World Password Day serves as a good reminder. In fact, as we find ways to effectively work from home, it’s more critical than ever for the distributed workforce to remember and follow security best practices.
While employees adapt to the new business normal, cyber security must be considered. Workers across the globe are connecting to corporate networks from home locations, accessing remote work tools, and email and cloud services from personal and business devices. They’re collaborating using video conferencing apps, and sharing, managing and storing data from the cloud.
With the increase in digital technologies and remote workers, company data no longer sits in one place—putting new demands on IT to secure this changing network perimeter and close security gaps.
That’s right, IT is once again in the spotlight as the recent changes increase a company’s attack surface and bring new cyber security risks. In fact, data shows that 40% of organizations are already experiencing a strain on internal IT resources.
IT must now find smart, efficient ways to quickly support work-from-home employees—while staying ahead of the wave of COVID-19 scams and cyber threats.
Consider this:
- Canadian reports of COVID-19 fraud totalled 766 between March 6 and May 1, 2020—including 188 actual victims. During the pandemic, COVID-19 fraud has cost Canadians $1.2 million CAD.
- In the UK, an estimated 824 people have fallen victim to COVID-19 fraud, with losses of up to £2m during the pandemic.
So, where do you start? How do you maintain security for a growing remote workforce? How do you put work-from-home policies in place quickly? How do businesses without dedicated IT resources anticipate the bumps in the road ahead and respond?
Are small and mid-size enterprises ready for what lies ahead?
How to secure a remote workforce
Ensuring employees who are working from home remain productive, while you build a secure IT environment, is the challenge of the day.
Here are a few key considerations to keep in mind:
Stay ahead of human error
Threat actors are preying on the human need for information and the need to take action. Be extra cautious when dealing with emails related to COVID-19, particularly if they ask employees to take to action or install software.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued an alert providing details about observed attacks and techniques.
Use strong passwords
Password best practices remain an important defence. Aim for unique, complex passwords. Consider using a password manager to help you easily automate the creation and management of your passwords.
Protect the digital identities of your workforce
Use multi-factor authentication (MFA) to keep users, devices, data, and networks secure. This provides an additional layer of security to help prevent attempts to steal usernames and passwords and stage further attacks. Here is more insight about MFA and its benefits.
Ensure safe virtual private networks (VPNs)
Remote access to networks should always be provided using a secure, up-to-date and patched VPN. Do not offer direct access to Windows Remote Desktop Protocol from the Internet (RDP).
Remember: Attackers use automated tools to find their victims – you cannot leave the proverbial key under the mat for a few hours and hope no one in the neighbourhood notices. Your cyber security neighbourhood is global: opening up access and hoping to fly under the radar won’t work.
Take extra caution with financial data
When paying bills and transferring money to and from your business, particularly when normal business patterns have changed due to work-from-home arrangements, pick up the phone to call the other party whenever updates to payment information are made.
Always verify the changes are legitimate.
Implement a 24x7 cyber security solution
At Field Effect, we believe being able to detect and respond to threats and risks to your network as quickly as possible is critical. Covalence provides 24x7 visibility across endpoints, networks, and clouds to identify and address cyber threats, risks, and vulnerabilities. What's more, Covalence is easy to use and manage, so businesses of all sizes can get the cyber security they need.
We hope these tips help paint the picture of a secure work-from-home environment. As always, if you have any questions please reach out at letschat@fieldeffect.com. We’re here to help.