Last Updated: 15th December, 2020
#COVID-19 Remote Workforce: Many organizations around the world have sought their employees to manage from home in response to the COVID-19 outbreak. This has created cybersecurity challenges for many businesses as they frequently lack the experience, protocols and technologies to enable a COVID-19 Remote Workforce, in a secure way. Over here are some common challenges organizations are facing as they transition their workforce.
#COVID-19 Remote Workforce: Remote Workers Lack Security Awareness
Many employees are working from home for the first time. They don’t recognize the best practices that experienced remote workers know well, such as using a VPN on public networks, or not saving sensitive information on their personal devices. Negligent employees comprise the number one cause of cybersecurity breaches and the risk increases exponentially when working remotely.
The solution is straightforward – discipline your employees in the fundamentals and retrain them periodically. Equipping your employees with the accurate knowledge and tools will develop a long way in securing your valuable data.
The cybersecurity awareness training should cover cybersecurity best practices and rules employees should follow when working remotely. Over here remain the suggested topics to include:
- Physical security of computers and peripheral device protects. Outline what employees must do to secure their COVID-19 Remote Workforce/workspace and steps to protect their work stations and devices.
- The password best practices and faux pas. Instruct employees how to generate strong passwords using passphrases and avoid using weak and compromised passwords. Go over the basics such as never sharing passwords or inscribing them down.
- Detect cybersecurity threats, including phishing attacks, social engineering and suspected malware.
Safeguard work data. Ensure employees exclusively use secure internet connections such as VPN, use encryption software and include up-to-date firewalls, anti-virus software and anti-malware on all their devices. Make sure employees know all the cloud-based collaboration platforms available to them and that they necessitate to preserve files and services on the cloud. Ensure encryption is used for all data that is stored and in transit.
- Safe remote and mobile computing should include anything from securing remote access to BYOD security.
#COVID-19 Remote Workforce: Increased Susceptibility To Phishing Attacks
Phishing attacks are the practice of delivering fraudulent communications that appear to originate from a reputable source. Phishing, also tricks targets into transferring on their passwords which can be used to manipulate administrative data. In the present circumstances we are seeing an uptick in phishing attacks exploiting coronavirus references to lure employees in clicking on malware-infected websites or attachments.
Unless you engaged in educating on cybersecurity consciousness, start by sending a prevention notification advising workers to implement the necessary precautionary measures:
- Avoid following links in unsolicited emails and be wary of attachments.
- Always verify email sender domain to see if it matches the website of the organization the email comes from.
- Check for any suspicious URLs within the emails.
- Use trusted sources for fact-based information about COVID-19 Remote Workforce.
- Avoid responding to emails soliciting personal or financial information.
Employees may have already fallen for phishing attacks, and even handed over their credentials. Or they could be using compromised passwords leaked from previous breaches, creating a vulnerability for your business. To prevent cyber-criminals from exploiting those passwords to gain access into your corporate network, use this free password auditing tool to scan your Active Directory for compromised passwords.
#COVID-19 Remote Workforce: Password Expiration Putting A Strain On Service Desk
Password expiration reminders work whiles in the office or on-network, but a fail to notify users when working remotely. Expired passwords increase calls to the service desk where the IT staff is already burdened with transitioning to a remote organization.
Identifying accounts with passwords approaching expiration with proactive communication can assist you prevent the issue altogether. This free password notification tool enables IT admins to configure password expiration email reminders to be sent via their own SMTP server, letting IT admins communicate password expirations to remote users.
You might define how long prior to the password expiration the emails will be sent, as well as how often they are conveyed.
#COVID-19 Remote Workforce: An Opportunity For Better Security
A fragile infrastructure combined with targeted COVID-19 phishing attacks promote a prime opportunity for cyber-criminals. However, organizations can equally handle the outbreak as an opportunity to bolster security and implement the above mentioned solutions to decrease risk.