Build your advantage with news and analysis you won’t find anywhere else
With so many things to consider as we move to a remote-work reality, cyber-security can end up at the bottom of our priority list.
But it’s never been more important to secure your company’s data.
Hackers are taking advantage of this difficult time to double down on cyber-attacks. Employees are particularly vulnerable to phishing schemes, as emails from unknown sources claiming to share the latest COVID-19 information continue to rise.
In the UK alone, victims lost £800,000 to coronavirus scams in February.
Each employee has a responsibility to protect their company from a data breach. Having the right knowledge is the first step to combat cyber-theft.
Here are five simple steps companies should consider to strengthen their data security at this time.
While many companies conduct ongoing cyber-security education, it’s important to consider which messages need amplification now that employees are working from home.
Let them know to be alert for a rise in phishing emails, to avoid the use of public Wi-Fi and to be sure they are using secure devices to complete their work.
Keeping software up-to-date and using strong passwords on all devices and apps is also key.
A company’s security is only as strong as each individual employee. It is essential that organizations convey that responsibility and that employees know what is expected of them.
Set Up a VPN
A VPN, or Virtual Private Network, extends a private network across a public one, enabling users to safely share company data while working remotely.
While larger organizations may have a VPN in place, it’s never been more important to ensure that employees are comfortable using it, and doing so regularly.
It’s likely that employees used to working in the office haven’t given much thought to how to connect to the network while at home. Companies should consider holding webinars and sending out detailed instructions on how to connect to their VPN.
Work Devices Only
Or more accurately, secure devices only. Every company has different rules about which devices can and can’t be used for official business. The most important thing is that every device an employee uses while working remotely be secure.
Whenever possible, employees should be communicating with their colleagues using devices provided by their employers.
Some companies may allow employees to conduct work on a personal device, if they take the proper security precautions.
Communicate that employees should consult with the IT department before conducting any business on a non-work device.
Run a Password Audit
It has never been more important for companies to take a hard look at their passwords.
Any password used to access a company-wide service must be strong and changed regularly. As a general best practice, they should be at least 12 characters with a mix of numbers, symbols and both capital and lower-case letters.
These can be stored in a safe location, likely an enterprise-level password manager. Whenever possible, two-factor authentication should also be in effect.
Develop a Contingency Plan
Finally, companies must have a strong contingency plan ready to implement in the event of a security breach.
Management responsibilities should be shared between teams, in case key personnel become sick or unavailable.
Employees should understand what their next steps are if a device is lost or stolen. Most of all, they should feel empowered and supported to share concerns about security breaches when they happen.