Many businesses and organizations are implementing Work from Home strategies as a result of the Coronavirus/Covid-19 pandemic. With the technologies available today, Work from Home is more realistic than ever. However, there are a number of additional cybersecurity risks that employees and employers need to be aware of.
Fulcrum Group’s Cybersecurity advice for Work from Home for employees and employers includes:
- Be on HIGH ALERT for an increase in phishing email attacks. Especially those that contain CORONAVIRUS or COVID-19 as the subject line. Also be suspicious of emails from anyone you don’t know, and of any potential phishing emails about changing or verifying your password.
- Ensure your Home Wi-Fi connection is secure. While most Wi-Fi is correctly secured, some older installations might not be, which means people in the near vicinity can snoop your traffic. Pro Tip: Get a new Wireless Access Point or Router. If provided by your ISP, ask them to provide a new Wireless Router.
- Only use your company assigned laptop or desktop computer. Using a personal or non-company owned computer can introduce increased cybersecurity risks, and is likely prohibited under your company’s IT acceptable use policy. Limit personal/leisure access such as Facebook and personal email on your work computer.
- Check with your IT department to determine if your antivirus and Windows patching is up to date.
- Any personal computers that will be used on the same Home Wi-Fi network will need to be secured with up to date antivirus and Windows patching. Don’t login to work applications or systems, including Office 365 email, from your personal computer.
- Check with your IT department about where to store files to ensure that they will be backed up.
- Lock your screen if you work in a shared space: Fulcrum Group suggests workers avoid co-working or shared spaces at this time and that social distancing is extremely important to slow down the spread of the virus.
- Make sure you are using a secure connection to your work environment. Your company’s IT department should be providing VPN or other secure connection options.
- Check with your IT department to see if your computer’s hard drive is encrypted, and if it isn’t, should it be?
Fulcrum Group says employers should:
- Make sure your employees know how to get remote support, not only on how to get setup for Work from Home, but also whenever problems arise.
- Ensure that remote access techniques are secure. VPN or Secure RDP are two of the more common methods for secure remote access.
- Provide virtual solutions. For example, the use of electronic signatures and virtual approval workflows to ensure continuous functionality.
- Define a clear procedure to follow in case of a security incident.
- Consider restricting access to sensitive systems where it makes sense.
- Encourage the use of Microsoft Teams or other collaboration tools. And make sure that users have some training and a headset so that they can do audio conferencing and calls.
Following these tips can help protect the cybersecurity of your organization, even when users are working from home.
See our Coronavirus Status Updates page for more information on current support status and other important communication from The Fulcrum Group.