Are Your Remote Employees Protected From Cyber Attacks?
I’m sure by now you’re tired of hearing about the COVID-19 pandemic, and just wondering when it will end. I feel you, but these recent lockdowns over Australia have only emphasised that the COVID-19 virus isn’t leaving us any time soon. The new hybrid work model means that most of us are working from home (WFH). With that comes many benefits but also some risks, with the main one being cyber security. In a traditional workplace, devices are protected by company resources and the efforts of the IT department. At home, more of the responsibility falls on your employees.
The personal devices used whilst working from home don’t usually come with the same level of security as you get with a company-issued device. For that reason, companies & IT managers are needing to put a more permanent system in place to overcome these cyber security threats. This is particularly the case as they come to the realisation that the hybrid workplace is here to stay, well after the ‘COVID-19’ dust settles.
What are the fundamentals of WFH cyber security?
The general concepts of cyber security around remote work haven’t changed if anything they’ve only evolved. In fact, there has been a wave of new schemes, including email scams impersonating suppliers to re-direct invoice payments. The World Economic Forum indicates that since workers are “distracted & vulnerable” the chances of a cyber attack slipping under a company’s defenses are greater than ever. This raises the question of how to best safeguard your data to ensure your employees have all the necessary tools to combat such attacks.
How can you protect your data?
There are a many key areas that you can examine to ensure the security of your data, including:
- VPN (virtual private network) – If most of your staff are WFH you should ensure they are using a VPN. A VPN helps to improve online privacy. It encrypts all your internet traffic, making it unreadable to anyone who intercepts it.
- WIFI Connections – Most home WIFI connections are secure, but employees should be aware that public WIFI networks in cafes for example, are a prime spot for malicious parties to intercept your internet traffic and data. This gives them the ability to collect confidential information.
- Home Routers – Many people keep their default password, which leaves their home network vulnerable. Employees should be encouraged to take simple steps to protect their home network. Changing the password is a great first step but other actions could include making sure firmware is installed.
- Passwords – One of the first steps to preventing future cyber-attacks is password management. Unfortunately, many employees still use the same password across multiple accounts. This means it only takes one compromised password for an attacker to take over all accounts. It is important to ensure all employees have strong passwords to protect their accounts and the “remember password” function should never be turned on when signing into the company’s information system.
- Two-factor Authentication – Having strong passwords isn’t enough these days. Two-factor authentication involves an extra step, for example an email or phone call to a nominated recipient. This means If someone happens to guess the password there is the added level of protection for your data.
- Antivirus software – A good advanced antivirus software can act as a line of defense by detecting and blocking known malware. Even if malware does manage to find its way onto an employee’s device, an antivirus may be able to prevent it. It’s important to ensure the software is in place and fully updated.
Most of these protocols are cost-effective or even free so implementing them should be a no brainer. Ultimately it could mean saving your business for a data breach down the track. According to the Digital Attack Map, DDoS attacks, which often use compromised IoT devices, occur daily. A large area that is usually skimmed over when it comes to cyber attacks is your printer fleet. Any printer connected to a network is just as likely to suffer from a cyber attack as a computer.
Like other devices there are several ways to set up your printer to minimize the risk of data being leaked. The first and easiest step is the password. When a printer leaves the factory, it is protected by a default password, which you could imagine is much easier to crack then a strong password you select yourself. The next step is to ensure your device is always up to date with the latest firmware, giving them a better chance to safeguard against the latest threats.
As the future of hybrid working becomes clearer, and the need for secure document management becoming more important, organisations need to take the necessary precautions to prevent any future attacks. The above lists will give you a good idea of where to start to prepare yourself for the new digital era that is the 21st century.
Check out the video below to see just how easy it is for a cyber attack to occur if you aren’t prepared.