The Covid-19 crisis has brought the security concerns of working from home into the limelight. No longer is remote working a concern for a few members of a team, but rather the reality of most organisations across industries. As the workforce continues to work from home for the foreseeable future, here are some things to consider to ensure your business maintains – or even improves – their cybersecurity posture.
Ensure that employees are using company-provided or sanctioned devices. Hopefully, employees working from home have taken home their corporate devices and have been using them throughout the lockdown period. This safeguards company data and documents against the vulnerabilities of home devices, which may not have the same protections and security software as their corporate counterparts. If they do use their home devices, ensure that they install antivirus or other security software.
Establish a secure, collaborative space for sharing or storing documents. Much of the collaborative work organisations will be doing will now be in the cloud – if it wasn’t already. Make sure your employees know which platform you use as a company, whether it’s Dropbox, Google Drive, Sharepoint or another service which meets your cybersecurity requirements. A clear policy – and naming convention to go with it – will lessen the chance of documents and data being accidentally leaked.
Protect your data from phishing and malware attacks. The change of working location and routine can make it easier for phishing emails to catch employees unawares. These emails often contain links with download malware and ransomware within seconds – compromising the employee’s device and data. There are two ways of tackling this problem. Firstly, utilising an encryption software, like CompuMail Gateway, for inter-organisational communications can help avoid the phishing emails landing at all. Secondly, keeping your staff up-to-date on cybersecurity threats such as common malwares and on best practices is essential to avoiding this damaging problem.
Continue tracking your cybersecurity threats and patch often. Just because these are unprecedented times does not mean that your usual testing and patching schedule should be on pause – if anything, it should be updated and heightened, if at all possible. Keep an eye on your risk factors using a risk management solution like CyDesk, which automatically compiles your cyber, compliance and business risk data into one overarching view. Make educated decisions and patch your vulnerabilities as soon as possible.
All organisations are having to adjust in these extraordinary times. Key to making your business stay afloat is keeping on top of your risks, and ensuring that you have the necessary tools to do so at hand. Ultimately, these considerations should hopefully stay with you past the Covid-19 crisis, strengthening your business no matter the situation.