The COVID pandemic has changed the way many businesses operate, with many employees now working from home full time. But can add an extra security strain on a company’s cyber defenses. What practices and software solutions can a company adopt to help protect it from security breaches over a remote network?
A recent survey by a leading global management consultants firm found that 47% of US/UK organizations will give employees the choice of working remotely full time once the pandemic is over, and 82% said employees may work from home at least one day a week.[ADD CITATION] It’s the new changing face of the work environment and has been adopted not only by large global corporations but by those Small to Medium Enterprises (SMEs)which have switched operations to home-based for some of their employees.
But while a company allows staff to work remotely when needed, it also comes with cyber security risks. Remote workers can often put their own privacy at risk while causing increased exposure to the company's information security, too.
For any business considering remote working for its employees, it should first ensure that its own cyber security policies and procedures are in place before any transition happens and that includes the physical hardware (laptops, PCs and smartphones) that will run across a remote or cloud network. What vulnerabilities will they pose? How strong is the current network security?
Cyber Security Across Your Network
One simple rule of thumb is that if anyone is working within or on behalf of a company, they should ideally have encrypted separate work and personal devices running a secure and supported operating system. Work data must only be kept on work computers. As operating systems can quickly become outdated, it’s also worth appointing an IT guardian who can keep the system up to date. When not in use, the system should include automatic locking with a personal password.
Taking a long hard look at a company’s security policies also means making employees aware of the best compliance practices when they are online using company hardware. That includes guidance on creating and maintaining strong passwords, storing devices securely and the rules for visiting websites that aren’t work-related.
Organizations need to explain the technical solutions they’ve implemented to help protect sensitive data and how employees can comply. For example, addressing one of the most common attack vectors, you should implement two-factor authentication to access any third-party service that you use.
Attackers often use phishing scam emails to target remote workers, designed to either dupe people into handing over secure company details or downloading a malicious attachment containing a keylogger or other malware. According to Infosecurity magazine, phishing emails have spiked by over 60% since the end of February 2021 as cyber criminals look to capitalize on the fear and uncertainty generated by COVID. Ideally, employees should avoid public Wi-Fi connections which are extremely vulnerable to cybersecurity risks.
And as an extra level of protection, specialized cyber insurance can offer the same peace of mind whether employees are working under one roof or in their own homes. Combined with secure working procedures and an ‘involving everyone’ communications strategy, organizations can help safeguard against external threats.
The opinions and statements made herein are intended for general informational purposes only and should not be viewed as a substitute for any legal or other advice on any particular issue or for any particular reason. While the information provided herein has been compiled from sources that are believed to be reliable, no warranty, guarantee or representation, either expressed or implied, is made as to the correctness, sufficiency or adequacy of such information.
Keywords: Cyber security, cyber insurance