Cybersecurity for Remote Workers
Wednesday, 8 April 2020
The global COVID-19 Coronavirus pandemic has had a significant impact on workplaces globally. For businesses that are able, the majority of work has been moved to remote work with most employees now working from home. Having many employees working remotely can be a major change for businesses and presents a number of concerns regarding cybersecurity for remote workers. In this blog, we address cybersecurity for remote workers and what you can do to ensure your company remains secure.
Risks of Using Personal Devices & Wi-Fi Networks
Most employees will be required to use personal devices and their own networks when working from home. These often lack security systems such as strong anti-virus software, customized firewalls and online backup. This increases the risk of malware hacking the devices allowing cybercriminals to access both personal and work information. Another risk of employees using personal devices for work-related matters is that if they leave the company, the confidential information on their device cannot easily be erased.
If your employees are working from home, they are most likely using their home wi-fi which they can secure. You should recommend that they avoid unsecured public wi-fi networks which can easily be hacked by cybercriminals. We recommend putting in place restrictions on accessing unknown wi-fi networks unless they are using a VPN connection.
We realize that this sounds scary especially given the insecurity that is felt by many businesses right now. We will get to cyber insurance shortly but here are some proactive measures you can take to improve your cybersecurity for remote workers:
1. Use strong passwords & Set up two-factor authentication
Using strong passwords can help keep accounts secured. Many people use the same password across multiple accounts and so all it takes is for a criminal to hack one password to then have access to all passwords. This is not a great practice for business accounts or personal accounts.
Strong passwords should be unique for each account and should comprise of a long string of numbers, special characters and both upper and lower-case letters. Leaving your team to manage the logins to the many applications they use daily is often where the weakest link is. One solution is to use password managers which provide a secure way for IT teams to store and manage thousands of passwords, making them hard to hack.
Having an additional layer of protection can be achieved using two factor authentication. Two-factor authentication (2FA) and two-step verification (2SV) involve an additional step to add an extra layer of protection to your accounts. This could involve adding an email or text confirmation or biometrics to verify identity on top of a password.
2. Use a VPN to Improve Cybersecurity for Remote Workers
Using a Virtual Private Network (VPN) encrypts your internet traffic so anyone who tries to intercept it cannot read it. It also disguises your IP address. The VPN allows you to create a secure connection to another network via the internet. VPNs were made to connect business networks together securely over the internet and allow users to access a business network from home.
3. Set up firewalls & use an antivirus software
Firewalls are the barrier between your computer and the internet. It can help prevent malicious programs from getting into your device and stops data being leaked out. Typically, your device has a firewall already built in and many routers have them too. Just make sure these are enabled.
The next line of defense is a good antivirus software. If viruses still manage to get through the firewall then this software can detect and try to remove it.
4. Secure your home router to Improve Cybersecurity for Remote Workers
Securing home wi-fi is an important step to improve cybersecurity for remote workers. Make sure your employees secure their home router when they are working from home. The first step is to change the router password (or add a password) if you haven’t done so when it was first installed. Secondly, make sure the firmware updates are installed and that the encryption is set to WPA2 or WPA3.
5. Install updates regularly & Back up your data
Make sure you install updates regularly as they may include some security vulnerability patches that have been discovered since the previous install. You can set most of these to run automatically while you’re sleeping to avoid downtime.
There are plenty of reasons to keep your data backed up including physical damage, human error or a cyberattack. Cloud backup services are a newer option that provide both cost-effective and convenient ways to store data.
6. Look out for phishing emails & sites
Phishing emails are those emails that are disguised as being legitimate emails with the intention to access confidential data or take over accounts. One way to detect phishing email is to check the ‘from’ email as there are often errors in the email address such as misspellings or an incorrect domain.
Don’t click on links or attachments within in the email as this makes you more vulnerable to attack. If you’re not 100% sure if the email is from the person they say, use contact information separate to the email itself to check. This could be going on their website and finding accurate contact information for the person.
The best way to protect your remote workers is to educate them on what to look out for. Encourage them to report any concerns.
Cyber Insurance for Business
If your workplace suffers from a cyber-attack it can put you out of business or cause a significant loss. During the current COVID-19 pandemic, this could be especially damaging to your business. Hackers and other cyber criminals are on the rise as there is increased vulnerability.
Cyber liability insurance covers financial losses that result from a cyber-attack. Most cyber policies include both first-party and third-party coverages. There are a variety of coverages available to cover your specific industry. Contact us today to learn more about how cyber insurance can protect your business.