Shelter-in-place and social distancing mean your new commute consists of shuffling to your home office or dining room table, favorite mug in hand, bathrobe secured tight around you. It seems COVID-19 has introduced millions of people to remote work almost overnight. It also created prime targets for cybercriminals.
How to Maintain Security While Employees Work Remotely
Coronavirus has changed how you and your team work together. It’s vital to take a moment to review and update your practices to keep your team, clients and data safe at this time.
Here are 13 ways to start protecting your organization from the onslaught:
- Turn on multifactor authentication for all devices and accounts accessing company information and applications
- Continually monitor, update and patch systems
- Where possible, only use encrypted devices to store corporate data
- Review spam filters and add more controls as needed
- Test your backup and disaster recovery solution to ensure you can access critical information in a worst-case scenario
- Use a Virtual Private Network (VPN) as necessary to connect company devices – do not use it on personal devices
- Use a firewall with advanced threat protections
- Use mobile device management to track and secure the computers and phones staff are using outside the office
- Provide COVID-19-specific employee cybersecurity training to avoid having one of your team fall victim to the ransomware, malware and scams circulating right now
- Enforce strong password policies on personal devices or company devices used to access company information
- Create a remote working security policy for your employees and train your team on it
- Work with an IT security expert who will implement a comprehensive security solution
- Get an IT assessment to uncover gaps created by switching to a remote work environment
Cybercriminals are Capitalizing on COVID-19 Fears
One factor could make COVID-19 scams more successful than other attacks: widespread fear about the spread of the virus. Turning the recipient’s anxiety and uncertainty to their advantage, hackers find it easier to get people to click malicious links, download attachments and unwittingly infect their networks with malware.
Education is the most important step to combat this style of attack. You’re less likely to fall for a threat if you know the methods and messaging cybercriminals use. Training is essential to protect your organization – whether you’re working on the front lines, remotely or you’re back in the office when this is all over. Here are a few of the tactics we’ve seen. Share these with your staff so they can watch for them:
- Attacking VPNs and remote desktop protocols (RDPs) to gain access to your internal documents and applications
- Impersonating the World Health Organization (WHO) officials in emails to get people into handing over personal information
- Attaching documents to emails claiming to contain new information or miraculous cures for coronavirus. These unleash malware when opened
- Tricking people into downloading fake, malicious COVID-19 tracking maps that infect their computers or phones
Contact us directly for more information about accessing employee training. Our Security Awareness Training and Phishing platform reduces risks and helps prevent data loss and downtime: (877) 716–8324
How DiamondIT is Fighting Back and Protecting Clients
Managed service providers are considered an essential service, and we are fully supporting our clients during the stay-at-home California government directive. For the safety of our team and yours, we’re working remotely. We will service on-site needs when it is a public safety need such as the needs of our police department and municipality clients.
Please contact us immediately with your cybersecurity concerns, questions about new remote licenses or if your current IT team is overloaded and unable to transition you to a virtual environment. We are ready to help make IT work for you again.