COVID-19, better known as the coronavirus, has imposed tremendous impacts on economies, financial markets, hospitality, tourism, manufacturing and transportation industries worldwide. As this virus continues to spread rapidly, many businesses and schools are closing their doors and transitioning to remote work and online learning platforms. While remote working efforts may be effective to slow the community spread of COVID-19 from person to person, they also present their fair share of cybersecurity challenges.
Companies both large and small are bracing for potential outbreaks by asking employees to work from home. Apple, Facebook and Amazon are among the growing list of companies that have already made the switch. For companies that leverage cloud-based services and remote employees, incorporating small changes to account for the heightened usage of remote access won’t be difficult. However, businesses that have yet to adopt the hybrid framework are challenged with creating and implementing a remote work plan.
Without proper oversight or preparation, businesses face increased security concerns. Remote users accessing third-party Wi-Fi services provide hackers with an easy entry point to a user’s device. Similarly, threat actors have exploited the disease to spread coronavirus-themed malware through URL manipulation, botnet-driven emails, and credential stuffing. With increased congestion on home broadband networks, IoT device hacking is another major business concern that we can expect to see with the rise of remote work.
In the face of COVID-19, businesses are obligated to maintain not only their data security but the health and safety of their employees. If your organization plans to provide remote work options, it’s important to ensure employees are equipped with the proper tools, resources and security protections needed to protect against increased threats. The CISA recently issued checklists and guidance documents to help executives evaluate potential workforce and operations disruptions along with actions for security protection. Below are four important steps to creating a safe remote work environment:
- Establish Your Business Continuity Plan
Organizations should take the time to establish or reevaluate their existing business continuity plan. Your plan should include remote work policies, effective communication tactics, employee training, IT system readiness, and security management.
- Set up a Virtual Private Network (VPN)
VPNs allow users to establish a secure and encrypted connection from anywhere in the world. This protects the data of remote workers, ensuring that no one can eavesdrop on your connection. While VPNs encrypt data from point A to point B, it’s also important to ensure your device is connected to a secure Wi-Fi network to protect the data housed on the physical device.
- Require firewalls, antivirus software, and anti-malware
Require remote workers to have up-to-date firewalls, antivirus software and anti-malware on all devices. These protections should be preinstalled on laptops, and technical support should be available to assist employees with updates and implementation.
strong passwords and two-factor authentication
Training remote workers to use strong and varied passwords is the simplest form of data protection. A password manager tool randomly generates and safely stores passwords to keep data secure, and two-factor authentication confirms a user’s identity by requiring a username and password, and another piece of information for an added layer of protection.
Read more of our team’s technical content on COVID-19.