In response to the coronavirus crisis, many companies have mandated that employees work from home in order to assist in slowing the spread of the virus. With more employees working from home, and a wider network to protect, security experts are warning companies to be vigilant with security measures. In addition, it is widely reported that cyber-criminals are taking advantage of the crisis to ramp up cyber-attacks and scams.
The transition from accessing a company’s network from the office—a more secured environment— to one where employees are working from home in less secured environments, makes it difficult for IT professionals to protect company data.
The Federal Trade Commission (FTC) issued tips for consumers on working from home, which are easy to understand and worth reading and sending to employees.
The tips include:
- Start with cybersecurity basics.
- Secure your home network.
- Keep an eye on your laptop.
- Securely store sensitive files.
- Dispose of sensitive data in a secure manner.
- Follow your employer’s security practices.
I would add (this is not an exhaustive list):
- Patch vulnerabilities when prompted.
- Continue to use complex passphrases.
- Use the VPN.
- Be extra wary of phishing emails and scams as they are ramped up.
- Be vigilant about clicking on links or attachments.
- Be cautious when accessing websites.
- Be wary of emails, links and attachments that reference coronavirus or COVID-19.
- If you believe you clicked on something you shouldn’t have, call IT. Even though you are working from home, your IT department is there to help you, and it is the job of all employees to protect the company.
Working from home adds risk to companies. Employees must be aware of this fact and be given tools to address the risk.