As the threat of COVID-19 continues to spread, many businesses are having employees work remotely. The rise of online working means that an organization’s attack surface will be more spread out. Employees may not have the same protections installed on their personal devices at home as they do on their workstations in the office. Without proper security precautions in place, users increase their risk to cyber threats like malware and phishing. It’s important to remind employees that although they may be working from home, they are still expected to engage in safe cyber habits and safeguard corporate data.
Attacks are Increasing
Cybercriminals are exploiting people’s fears by sending phishing emails about COVID-19. These emails impersonate official health departments and claim to have new information/updates about the virus. They are designed with the hopes of tricking users into downloading malicious attachments or giving up personal information. In one other instance, cybercriminals duped a popular interactive world map that displayed confirmed cases of COVID-19 to spread malware.
People who aren’t used to working at home can get distracted, especially if they are accustomed to going into an office everyday to work. They may mix personal browsing with their work and encounter cyber scams related to COVID-19. In their distraction, they may accidentally click on malicious links. Users may also feel safer while working at home and let their guard down when it comes to working online. They can forget to engage in simple cyber safe behaviours like locking their computer or double-checking URLs before they click on them.
The Security Challenges of Remote Working
Working remotely can create a lot of security challenges for organizations. Users who are not prepared to work remotely may have to use their personal devices to access corporate material. These devices may not be secured or have the latest updates installed. Users can end up engaging with malicious websites that would usually be blocked by an organization’s firewall or leave their devices open to vulnerabilities.
Users working from home may also be connected to networks that are not secured. Although users may not be working from public spaces (with public WiFi) during this time, home networks may not be properly secured either. Furthermore, employees may have insecure IoT devices (such as lights, refrigerators, etc.) connected to the home network. Each of these devices could be a potential entry point for hackers.
What You Can Do
Inform and Update Employees
Many people are stressed out and worried about how COVID-19 will affect them. Keep your employees informed about how their work is being impacted by the current outbreak and provide them with links to official sources (government, WHO, etc.) to ensure that they can keep themselves informed safely.
Reiterate Good Cybersecurity Practices
Awareness is the only way to combat phishing and social engineering scams. Employees must understand that they still have a responsibility to keep company data safe even though they are working from home. Remind employees to be careful of suspicious emails, especially those claiming to be about the virus. If they receive any suspicious emails, employees should disregard them and not engage. Encourage employees to not click on any links or download any attachments. They should always double check sender email addresses and any URLs they may encounter.
Issue Corporate Devices
To ensure employees have access to necessary resources required for their work, employees should be given company issued devices. This will make it easier for your organization to manage and monitor your remote systems and ensure that company data is separate from a user’s personal data. It will also ensure that all devices have security tools installed (e.g. anti-virus, encryption tools, etc.).
Use a VPN
A VPN will provide employees with a secure connection to your organization’s network. All employees should use a VPN to access company resources, especially if they are using personal devices. Ensure that your VPN is set up to support your entire remote workforce and that it is up to date.
Our Support IT platform can assist your organization in providing employees secure remote access to essential tools and systems. For more information on how Jolera can help with your remote working environment, contact us today.