Let’s get right to the point. The recent influx of remote workers creates a big opportunity for hackers. In addition, more and more communication will occur online, which means the opportunity for an employee to receive a pretty convincing phishing email has just gone up exponentially. And, the overall change in routine could create a scenario for an increase in human error. All in all, the opportunity for a hacker to execute a cyber-attack on your business has just increased. But rather than wait for a potential attack to happen, we recommend taking a proactive approach and plugging as many potential cybersecurity gaps as possible.
Tips For IT Teams
IT teams are going to be busy. Here are a few tips to help you get a handle on the situation.
- Plan to perform regular network scanning more frequently for the time being. This can help detect a breach sooner rather than later.
- Ensure security updates and patches take place across networks, VPNs, devices, and applications. This may be a lengthy process, but it is a necessary one.
- Consider implementing multi-factor authentication for employees to gain access through remote tools or other company devices and technologies.
- Identify a file encryption tool for employees to utilize.
- If possible, test potential VPN limitations and implement modifications, for example, rate limiting and prioritizing users. Ensure employees have accurate knowledge on how to use VPN securely.
- Better yet, look to tools such as MyWorkDrive and remove VPNs altogether.
Tips For Employees
We’ve said it before; employees are the first line of defense when it comes to cybersecurity. This is truer than ever, so please keep these tips in mind.
- Attend upcoming cybersecurity training sessions, and adhere to company security compliance plans.
- Continue to keep an eye out for phishing emails. Watch for obvious typos, verify URLs before clicking on links and do not download/open attachments if you weren’t expecting them. If you receive an attachment from someone within your organization, and you weren’t expecting it, call and verify that it came from them.
- Avoid installing unauthorized apps, or new applications on your work devices without discussing with your IT team first. (this could link to the Shadow IT article)
- Ensure your home network is secure by protecting your router with a passphrase. (link to the passphrase article)
- Continue to download the latest security upgrades and updates.
- Do not use a non-secure WiFi connection for company work (this may be a rare occurrence right now, but it is worth the reminder).
- Try to keep work and personal devices and applications separate. If there is a need to co-mingle, ensure lock screens and passwords are in place on all devices.
- Utilize file encryption tools provided by your IT team to share files.
Tips For Business Leaders
Although we’re not in a “business as usual” type of situation, some things need to remain the same in order to help protect your business, clients, and employees.
- Continue with cybersecurity employee training. And, if you didn’t have training scheduled, get one on the “calendar” – either a virtual training or an emailable training – and let employees know that cyber attacks could be on the rise.
- Stay up-to-date on the latest cybersecurity information, and cyber-attacks that have taken place.
- Review company access granted to third-party vendors and adjust as needed. This includes limiting or shutting down access to third-party vendors that do not need it during the next few months.
- Review employee access. If employees do not need access to critical business files and applications over the next few months, remove them. They can be granted access again at a later date if they need it.
- Support your IT Department. If they need additional support or are having issues with employees not complying with enhanced security needs, the business needs to show support for that team.
- If you do not have an IT department that can handle the current remote working situation and the potential cybersecurity challenges that come with it, contact a reputable partner for IT security support.
- Follow the same best practices that your employees are following.
We are in an unusual time for numerous reasons. Don’t let hackers take advantage of the situation or your business. Protect yourself, your employees, and your clients by being vigilant with cybersecurity best practices.
Feeling overwhelmed with all of the information we just threw at you? Talk to us and let us help you navigate the best cybersecurity best practices for your organization. Call us at (628) 867-6130
In the meantime, take a look at our MSP IT Checklist.