As coronavirus spreads around the world, businesses are urging their employees to work from home. While this proactive approach to contain the virus is welcome, many are overlooking the cybersecurity implications of a remote workforce.
The majority of businesses haven’t developed or tested their work from home policies before, especially with this number of employees. Therefore, many have never considered the impact this can have on the company network, as most employees will be using an unsecured home connection to access their work.
Although many view cyber security as a complication to remote working, there are a number of policies that are easy to implement to make sure that the company’s infrastructure and employees’ home networks are secure. Vulnerable people and devices can be targets for hackers, who look to take advantage of lax security measures.
Here are a few rules recommended by Jake Moore, Cyber Security Specialist at ESET:
“The first thing to check is that employees working remotely are using computers that connect to a virtual private network, or VPN. This should be the default on office-supplied laptops, but it is worth checking if employees have a valid subscription. If employees are using home computers, they should be encouraged to install a well-established VPN network with good reviews. This is a secure way of transporting private data across unknown networks, even via a home router. Instead of worrying about the security of individual apps on a device, a VPN connection can protect against multiple attacks. A secure VPN connection can stop your passwords and IP address from being exposed.
“If workers have to use public Wi-Fi, they must be reminded not to use it without a VPN. Better still, they should try to use a hotspot phone connection instead, which can be faster and more secure. Taking simple steps, such as avoiding public Wi-Fi wherever possible, can go a long way in mitigating risks – so employers should ensure that they are actively reminding employees to choose secure networks.
“If employees are using personal computers, it is essential to use the latest operating system and make sure it is up-to-date. Microsoft ended mainstream support for Windows 7 recently, so you must remember to switch to other operating models that have full supplier support. All PC peripherals used, such as USBs, must have an antivirus installed to contain any form of malware that could be transmitted into the network. Also, it’s always a good idea to scan any machine for malware before it is used for work purposes.
“Using additional layers of security will help businesses to steer clear of most sophisticated threat vectors. Encrypting private data and implementing multi-factor authentication are useful measures to enhance home and workplace security.
“Employers must ensure that workers are always aware of where vital data is stored and encourage them to reach out to IT support workers if anything seems out of the ordinary, especially when it involves financial transactions. Everyone in the company, regardless of seniority, needs to be extra vigilant when working remotely.”