06.05.2020 Working from home is new – and so are the cyber threats

by Andrew Milne

Field Effect offers remote work safety tips for World Password Day

We shouldn’t need a special day to follow smart computing habits — yet, today’s World Password Day serves as a good reminder. In fact, as we find ways to effectively work from home, it’s more critical than ever for the distributed workforce to remember and follow security best practices.

The reality is, while employees adapt to the new business normal, cyber security must be considered. Workers across the globe are connecting to corporate networks from home locations, accessing remote work tools, and email and cloud services from personal and business devices. They’re collaborating using video conferencing apps, and sharing, managing and storing data from the cloud.

With the increase in digital technologies and remote workers, company data no longer sits in one place — putting new demands on IT to secure this changing network perimeter and close security gaps.

That’s right, IT is once again in the spotlight as the recent changes increase a company’s attack surface and bring new cyber security risks. In fact, data shows 40% of organizations are already experiencing a strain on internal IT resources.

IT must now find smart, efficient ways to quickly support work from home employees — while staying ahead of the wave of COVID-19 scams and cyber threats.

Consider this:

  • Canadian reports of COVID-19 fraud totaled 766 between March 6, 2020 and May 1, 2020 — including 188 actual victims. During the pandemic, COVID-19 fraud has cost Canadians $1.2 million CAD.
  • In the UK, an estimated 824 people have fallen victim to COVID-19 fraudwith losses up to £2m during the pandemic.

So, where do you start?  How do you maintain security for a growing remote workforce?  How do you put work from home policies in place quickly?  How do businesses without dedicated IT resources anticipate the bumps in the road ahead and respond?

Are small and mid-size enterprises ready for what lies ahead?

Here’s what you need to know to secure remote workforces

Ensuring employees who are working from home remain productive, while you build a secure IT environment, is the challenge of the day.

Andrew Loschmann, our Chief Operating Officer, has provided a few key considerations to keep in mind:

  • Stay ahead of human error: Threat actors are preying on the human need for information and the need to take action. Be extra cautious when dealing with emails related to COVID-19, particularly if they ask employees to take to action or install software. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued an alert providing details about attacks and techniques observed.
  • Use strong passwords: Password best practices remain an important defence. Aim for unique, complex passwords. Consider using a password manager to help you easily automate the creation and management of your passwords.
  • Protect the digital identities of your workforce: Use multi-factor authentication (MFA) to keep users, devices, data, and networks secure. This provides an additional layer of security to help prevent attempts to steal usernames and passwords and stage further attacks. Here is more insight about MFA and its benefits.
  • Ensure safe virtual private networks (VPNs): Remote access to networks should always be provided using a secured, up-to-date and patched VPN. Do not offer direct access to Windows Remote Desktop Protocol from the Internet (RDP). Remember: Attackers use automated tools to find their victims – you cannot leave the proverbial key under the mat for a few hours and hope no one in the neighbourhood notices.  Your cyber security neighbourhood is global: opening up access and hoping to ‘fly under the radar’ won’t work.
  • Take extra caution with anything involving financial data: When paying bills and transferring money to and from your business, particularly when normal business patterns have changed due to ‘work from home’ arrangements, pick up the phone to call the other party whenever updates to payment information are made.  Always verify the changes are legitimate.
  • Implement continuous security monitoring: At Field Effect, we believe constant visibility to the threats and risks to your network is critical. Our Covalence security monitoring solution is easy to use and manage, providing visibility across endpoints, networks, and clouds to identify threats, risks and vulnerabilities.

Is your remote work setup safe and secure?  Find out by taking our short cyber security quiz.

We hope these tips help paint the picture of a secure work from home environment. Stay safe everyone!  As always, if you have any questions please reach out at hello@fieldeffect.com.

We’re here to help.






Request Demo

Fill out the form and we will send you details about our demo.