It is no secret that companies are experiencing an increase in security incidents following the transition from work in the office to work from home during the pandemic. There are a number of causes, including the difficulty of controlling the security of at-home technology equipment such as routers, printers, personal assistants and other IoT devices, and insecure WiFi. We also know that employees are more distracted than ever before because they are in a new work environment. At home with members of their family, it is more difficult to separate work from home life, and they are concerned about the health and welfare of themselves and their families and about the spread of the virus. All this chaos and uncertainty leads to a distracted work force that is not as vigilant about data security.
Hackers know this, so they have been crushing users with phishing campaigns centered around messages about the latest news on COVID to get users to click on malicious links and documents in order to infect company networks and systems with malware and ransomware.
To assist companies in tackling this new and serious security threat, the U.S. Chamber of Commerce and FICO, a California-based data analytics company, recently issued a report entitled Special Report on Cybersecure Working During COVID-19.
The welcome letter to the Report states, “this report is designed to help business owners know what steps to take to increase the security of their virtual working environments.”
The Report outlines six areas that businesses may wish to consider for security to assist employees while working remotely. They include:
- Consider the benefits of using cloud services.
- Instruct employees on the proper components of a home office network.
- Use a properly configured virtual private network (VPN).
- Take steps to introduce elements of security to teleconferencing.
- Have a plan to identify and manage third-party and supply-chain risk.
- Think through—and adhere to—sound “bring your own device” (BYOD) policies and procedures.
These are basic and well-known security measures, but unfortunately, not all businesses have them in place, and having a remote workforce magnifies the need to put proper security measures in place to reduce the risk of a cyber-attack.
Reviewing the Chamber and FICO’s Report and checking off what you have already done to implement its recommendations, or putting a plan in place to implement them going forward, is a worthwhile exercise as part of your company’s risk management plan. Providing support to your employees on proper security measures while working from home is extremely important at this time, as cyber criminals are targeting them more than ever before.