In response to the global coronavirus pandemic, organizations are turning to work-from-home solutions to remain productive. The priority for managers and business owners is to ensure their staff is capable of working from home. This requires giving them access to the necessary digital infrastructure, setting up the policies, and resolving individual issues while also working remotely.
According to the World Economic Forum, the spread of the COVID-19 virus doesn’t just put people at risk. It also creates new company vulnerabilities. With a heightened dependency on digital infrastructure, cybercriminals target businesses using every tool in their arsenal. Making cybersecurity a priority in the organization’s work-from-home policy is now more important than ever before.
Cybersecurity Considerations for Working-from-Home Safely
Hackers and bad actors immediately used the spread of the COVID-19 virus to exploit individuals and businesses. From sending out coronavirus-related phishing attacks to setting up fraudulent domains, the public’s panic and appetite for information is the perfect opportunity for cybercriminals to infect a network. Here are the top five considerations for organizations unfamiliar with cybersecurity risks when their employees work from home.
1. The Difference in Network Protection Tools
Home networks are just as sophisticated as corporate systems but rarely use the same level of protection. The devices that connect to the home Wi-Fi network include mobile phones, tablets, smart TVs, and wireless cameras. Any of these could lead to a compromised network if not adequately secured.
To make home networks more secure, organizations should tell employees to:
- Keep their router software up to date and not use the default passwords.
- Set strong admin credentials on the router and use WPA2 security.
- Have antivirus software installed on all connected devices with endpoint scanning.
- Remove unnecessary devices from the network if they do not have strong security.
2. Unsecured Video Conferencing
Collaboration and video conferencing tools like Zoom can help keep teams productive but also pose a risk. Since March this year, Zoom downloads went up by 535%. At the same time, malicious files available for download online with Zoom in the name increased by 2000% according to Webroot. Hackers also set up Zoom phishing domains to harvest credentials.
When setting up a Zoom meeting, follow these best practices:
- Only download the software from the official site.
- Keep it up to date as the company regularly patches newly discovered vulnerabilities.
- Never share the meeting IDs and always use strong passwords for meetings.
- Use waiting rooms to screen attendees before granting them access to the meeting.
- Be careful of meeting invites, as they could be a phishing attempt.
3. Increased Attack Surface
The way users set up home computers is radically different from those in the office. Home computers usually give the user full administrative rights. Malware requires these credentials to infect systems. If the employee is connecting to the company’s network from home, the infection could spread to other computers and IT systems.
Ensuring home PCs remain secured require employees to:
- Use strong passwords to access the PC’s desktop.
- Do not make that PC discoverable to other devices on the home network.
- Whenever possible, use encrypted connections to access work applications.
- Ask network and system administrators to implement application access control and individual passwords.
- Use a Single-Sign-On service or a Password Manager if possible.
4. Blurring Work and Personal Emails
Work email servers usually have stronger security policies than personal accounts. If employees are working from home, ensure they use the same email security as in the office. The best option is to try and separate work devices from personal ones. The company should also use additional email security tools to vet all incoming and outgoing messages.
5. Reduced Cybersecurity Vigilance Regarding Phishing Attacks
When working from home, employees should still follow all the best practices in regards to cybersecurity and phishing attacks. The casual nature of the home office may lead to employees becoming less vigilant when sharing information or accessing files online. Whenever they receive an email from an unfamiliar source, they should take extra care.
The best practices to prevent a phishing attack from succeeding include:
- Never open an attachment from an unknown sender.
- Don’t respond to emails requesting personal information or private work credentials.
- Verify any links in the email before clicking on them.
- Report any suspicious emails to the relevant administrators promptly.
Use Managed IT Services to Improve Cybersecurity while Working from Home
Managed IT Services (sometimes called Managed Network Services) can help organizations to remain protected while their employees are working from home. Donnellon McCarthy Enterprises provides comprehensive managed services that allow companies to scale their work-from-home capabilities during the current pandemic. Our services can reduce the burden on IT staff while implementing all the best practices regarding cybersecurity.
For improved cybersecurity and help with ensuring employees remain productive while they are working from home, reach out to Donnellon McCarthy Enterprises today.