01 Feb 2021
It’s been almost a year now, since the pandemic seemingly turned our worlds upside-down in what was seemingly an instant. Many workers who had never worked remotely began doing so on a regular basis. And while that was immensely helpful in curtailing the spread of the physical virus, e-viruses have flourished, as anyone with even a grain of cybersecurity knowledge accurately predicted.
So, while we tried to warn folks, we knew we’d have our work cut out for us. So after almost a year, here is our best advice for those wanting to protect your at-home workers, as this trend does not appear to be going anywhere, anytime soon… even after the pandemic (finally!) ends…
1. Start with a Risk Assessment for Every Remote Device
How can you know the best way to protect yourself if you don’t know what you’re up against?
You can’t. I mean, you might get lucky, but it makes a lot more sense to prepare by fortifying your weaknesses and staying a step ahead by creating a Disaster Plan in case the worst does in fact happen.
If you have an IT Department, they’ll likely be able to handle it, but if you don’t, you can always outsource your cybersecurity, and, in fact, many cyber security firms will include Risk Assessments with other packages, and they aren’t expensive, especially for the amount of information provided.
2. Endpoint Security is Key
Even if you make it a policy not to, the likelihood of your WFH employees pulling double-duty on devices is pretty high. How many remote employees have been able to completely ignore the call of Facebook or a Discussion Board whilst trapped in the depths of the Zoom call that won’t end, or working on their personal device while lounging in their bed? Perhaps you weren’t able to afford to supply them with their own work laptop, forcing them to have to use their personal device for work.
It’s an unfortunate reality of today’s workers’ lives that business and pleasure will most likely mix. Instead of blowing up when it does occur, plan for it with endpoint security.
3. Cyber Security Awareness Training
Along those same lines, the more cyber security awareness training you can give your employees? The better. If it weren’t for employees, there would be no breaches; make sure they know how to spot suspicious-looking emails BEFORE they open them, and that they understand password security tips and tricks, and the probability of a successful attack on your business will be significantly reduced.
4. Take Advantage of Your Privileges
Not every employee needs access to every single file, so it only makes sense to limit access to your company’s sensitive information by setting up privileges on your network. If your employee can access something? So can the right hacker, but limiting authorization limits just how easily a bad actor can access it. It’s also important to put roadblocks to access at every single level with additional steps for authentication.
It might seem like a bit of a headache, but it is well worth the minor inconvenience for the increased level of security you gain.
5. Stop Snoozing Your Updates
Yes, you are in the middle of something… But as soon as you aren’t anymore? Complete that update! Updates and patches are created to keep users safe from known vulnerabilities, and putting it off for too long can put you at risk. In fact, Fraunhofer Institute for Communication reported that a whopping NINETY PERCENT of home router breaches were due to manufacturers failing to complete device updates. So easily avoidable! And yet, hackers are notorious for using home routers as a gateway into devices that store more sensitive information, like passwords and usernames.
Let me repeat this: Manufacturers being lazy is a direct cause of cyber home invasions. Meaning that neither you, nor your employees, should rely on them to complete the updates in a timely fashion, so it’s important to train your employees to do it themselves.
So much of what makes cyberattacks successful? Is completely avoidable. While there are attacks that are so highly-sophisticated that even the most notable cybersecurity firms are susceptible (*cough* Sunburst Attack *cough*), most of them are much more simple and avoidable. If you are stressing about your business’s cyber security (or lack thereof), a great place to start is by implementing the layered defense mechanisms we recommend in our FREE Remote Security Checklist. While that will really get the ball rolling, for an enterprise-wide strategy, feel free to give us a call at 919-422-2607, or schedule a free online consultation today!
Remember: Hackers have NO shame. It’s up to you to recognize that, and to figure out what you can do to make your business and your employees more secure from these nefarious criminals.