Since the outbreak of coronavirus (COVID-19), we have seen recommendations of social distancing, nationwide closures of schools and local businesses, and even national lockdowns of entire cities in the headlines. As the COVID-19 pandemic continues to unfold, we are likely to see further precautions taken to prevent spreading the virus, including major lifestyle and behavior changes. As part of this effort, we are likely to see more and more organizations transition to remote working environments in order to ensure the health and safety of their employees. However, this poses a larger question. What does this mean for the online security of those businesses?
Larger corporations, such as Facebook, Amazon, and Google, all have the proper resources and security infrastructure in place to protect their valuable online assets and communications, but what about small to medium-sized businesses?
The rapid spread of COVID-19 is without a doubt putting remote work to the test! Those smaller organizations who don’t have work from home policies already in place are feeling a major impact. As more and more businesses face the imminent need to implement remote working opportunities for employees, we will discuss our top three tips to help make this transition smooth, as well as secure.
Top 3 online security tips for remote workers
While working remotely, using the right tools to ensure you are communicating effectively as an organization will be critical. Instant messages, emails, and video meetings through company-issued laptops and mobile phones will be the beacons of communication during this time. With this new mobility, organizations should make it a requirement for all employees to use a virtual private network (VPN) on their work devices, ensuring company assets and communications are secure.
A VPN will encrypt an internet connection and ensure employees can safely browse the internet, which protects the organizations from man-in-the-middle attacks. Cybercriminals can intercept your browsing data to steal personal identifiable information (PII), such as name, address, email, phone numbers, and even login credentials.
With the influx of remote workers — organizations must remind employees that they should never use an unsecured wi-fi connection to work. Working on an unsecured network can lead to number of security risks, such as a ransomware attack. All an attacker has to do is gain access to the same wi-fi connection to access proprietary company information or, worse, an employee’s company login credentials.
2. Be Extra Cautious with Company Devices
Using a company device, such as a laptop, for personal use is not a wise decision in general. But when employees are working from home, they may be more likely to check personal email or social media accounts, leaving the door wide open for cybercriminals. At a time like this, the unfortunate truth is we are likely to see cybercriminals exploit the COVID-19 health scare. For instance, malicious individuals may setup fake COVID-19 websites, spoof government and healthcare organizations in phishing email attempts, and create social media scams around fake fundraising. If your employees fall victim to these scams when checking their personal email or other accounts through their work laptop or mobile device, it can put your entire organization at risk.
All it takes is the click of a button to invite a cybercriminal into your company’s laptop, allowing them to gain access to important company data. By reminding employees to only use company devices for company data and logins, can keep those devices and the broader organization safe from phishing scams that can lead to ransomware.
3. Communicate Security Best Practices
Before implementing a work from home initiative, devise a strategy to reiterate security best practices that your employees should follow while working remotely to help protect your company. For instance, educating your employees about phishing emails with suspicious attachments, reinforcing the important of using strong passwords, and communicating clear rules on how to store and share company data are proactive steps in the right direction.
As you apply these cybersecurity guidelines, educating your employees in cybersecurity best practices will benefit your business and prevent severe fallout from an attack. A trained employee can act as a human firewall during a time when cybercriminals are taking advantage of a much larger issue, COVID-19.
Monique Becenti is a product and channel marketing specialist at SiteLock, a cloud-based website security provider currently protecting more than 16 million websites globally. Monique is passionate about improving the customer experience for all. SiteLock’s combination of dedicated research and developmental efforts, aggressive product road maps, and access to a massive global data set make the company a leading innovator in web security.