1. Keep your devices up to dateFor some, it’s annoying to regularly install updates, which is why they deliberately ignore update notifications. With Windows 10, it’s impossible to avoid critical security updates so long as you’re connected to the internet, but that’s not always the case with other devices, platforms, and applications. While administrators should be able to handle patch management remotely, it’s important that employees install all security updates on any personal devices used for work as well.
2. Avoid unsecured connectionsOne of the most immediate security threats that surfaced as soon as everyone started working from home was that employees were connecting to corporate resources through unsecured networks like public Wi-Fi. Many home networks aren’t adequately secured either, especially Wi-Fi networks still using the default password. The best way to mitigate the risks of using an unsecured connection is to use a virtual private network (VPN), which encrypts all internet traffic. Employees should also be encouraged to change their default Wi-Fi passwords and avoid connecting via public hotspots.
3. Use multifactor authenticationHaving and enforcing a strict password policy should be part of any cybersecurity routine, but passwords aren’t enough by themselves. Employers should always enforce the use of multifactor authentication (MFA) when connecting to business apps and services that handle potentially sensitive data. With MFA, users need to verify their identities using a secondary authentication measure, like a fingerprint scan or, more commonly, a single-use security code sent via SMS. Unless they’re accessing highly confidential information, however, it’s not usually necessary to use MFA each time the user logs in. MFA is most important for granting access from an unfamiliar device or network — a common factor when working from home.
4. Use corporate devices. if possibleOne of the biggest challenges in enforcing security policies and controls for remote workers is that employees often end up using their own devices for work. For businesses with a robust and widely adopted bring your own device (BYOD) policy, this shouldn’t present a problem, but if you’re not already using employee-owned devices for work, it might be time for a rethink. The easiest (and safest) approach is to use corporate devices for work, since administrators will be able to retain full control over them, as well as closely monitor their usage. In the longer term, however, it’s a good idea to set up a BYOD program, since it’s a great way to reduce costs and maximize employee productivity.
5. Be wary of new phishing scamsWhenever there’s a major catastrophe, cybercriminals are quick to exploit the situation, and COVID-19 is no exception. There’s been an uptick in phishing scams in recent months, as attackers try to exploit people’s fear of the pandemic. A common tactic attackers use is to send emails purporting to link to a new company policy related to the pandemic. Clicking on the link or downloading an attachment in the email triggers a malware infection. Social engineering scams like these happen all the time, but the tactics change regularly. All employees should be kept up to speed on cybersecurity threats through regular awareness training. You won’t just be doing your business a favor, but you’ll also be helping your staff stay safe in their personal lives. Online Computers delivers advanced technical solutions and industry-leading expertise to help you reduce risk and maximize productivity. If your business is in the Hanover, Morristown, and Madison areas, and you want to ensure your remote workers have adequate protection at home, then call us today to learn more.
Ensure a productive remote workforce!
Enter your name and email address on the respective fields on the right to receive our FREE guide to ensuring your staff's productivity while working remotely.