One of the major challenges created by the ongoing COVID-19 pandemic has been the fact that more employees are being forced to work remotely than ever – even in environments where this wasn’t necessarily possible (or allowed) in the past. With so many states instituting strict stay-at-home orders, it’s simply become a fact of life – and one that we’re all going to have to get used to.
In the eight months since the pandemic began, a lot of people are now finally settling into this new “work from home” routine. In fact, many are finding that they’re just as productive (if not more so) out of the office than in it. But setting aside the productivity benefits, there’s still one major area that businesses need to make sure is accounted for: security.
Indeed, experts agree that the sudden surge in remote work has brought with it many heightened security risks, especially as far as things like phishing attacks are concerned. But that doesn’t mean you have to let yourself become a victim of hackers that want to take advantage of your newly vulnerable position, provided that you keep a few key things in mind.
Staying Safe While Working Remotely: An Overview
By far, the most important step you can take to remain secure while everyone is working remotely involves developing a NEW cyber security policy that puts data security front and center. Yes, it’s true that you probably already have such a policy in place. But it was likely designed with the business you WERE running in mind, not the one that exists today in the COVID-19 world.
Make sure that people understand the importance of using strong passwords and enabling multi factor authentication. Issue guidelines that expressly state that people shouldn’t be using insecure home networks without some type of virtual private network (VPN) in place. Go into detail about what you expect people to do to not only protect against unauthorized third parties accessing any company data, but also to protect the physical security of the company’s devices, too.
But most critically, there also need to be very real consequences involved for anyone found in breach of these new policies. The consequences of “getting this one wrong” can be severe, to the point where 60% of small companies on average close permanently within just six months of a successful cyber attack. When you consider that the number was that high BEFORE the destabilization caused by COVID-19, it’s easy to see why this is something you MUST pay attention to.
Along the same lines, you need to make adjustments to your incident response plan given the new situation that you’re now navigating. Your current incident response plan likely outlines the names of everyone on your incident response team, the secure communications they’re supposed to use in the wake of a breach, and the incident reporting protocols that people are supposed to use if something were to go wrong (or at least, it should).
The issue is that this is likely no longer valid now that everyone is working remotely. Sure, you know who is supposed to snap into action in the wake of a breach – but how do you make sure everyone is playing their role when they’re no longer in the office down the hall from you?
At a bare minimum, you need to go through and update all contact information for your incident response team and make sure that any and all changes are communicated frequently. But also make sure that people know HOW they’re supposed to communicate – either by telephone or text message or chat app, etc.
These steps may not necessarily be enough to prevent you from becoming the target of a hacker while everyone is working remotely… but they can help prevent you from becoming a VICTIM, which is the most important goal of all.
Security vector created by stories – www.freepik.com
