The world changed overnight, it seemed, when COVID-19 went from being a topic of interest to a very real pandemic. Now that social distancing has made remote work the new employment reality, cybersecurity has never been more important. Last year alone, almost 8 billion consumer records were accessed by hackers. Breaches of information security can have dire consequences for a company – including the discovery of trade secrets, DDoS (Distributed Denial of Service) and other cyber attacks, breaches of privacy, and of course, loss of customer trust.
There are a number of important steps to take to ensure that maintaining a remote workforce does not compromise your company’s data security or the integrity of its information infrastructure. This article sets out what you and your employees need to do.
What employers need to do
Your employees may not intentionally breach data security, but with constantly changing technologies, there will always be the prospect of human errors – not realizing a link is dangerous or being unaware of how firewalls actually work, for example.
Make sure you set up a proper VPN (Virtual Private Network) and other cybersecurity measures to ensure that connections are encrypted and require authentication. Keep your VPN fully updated/patched, and buy whatever additional licenses or bandwidth you may need to cover all remote users.
Implement a clear and comprehensive remote work policy and information security protocols. Make them aware of all the risks that come with online activity and what to do to secure devices and workstations – for example, what makes for a secure password, device time-outs, and how to update various operating systems.
Keep them updated about new malware and phishing scams – such as new scams that play on people’s COVID-19 fears or that offer work-from-home opportunities. Make sure you have a designated point person or department that can answer any questions they have.
What employees need to do
The ability to work remotely is a privilege not afforded to everyone. Employees need to know what detrimental impacts negligence can have on the company, which in turn could reflect on their job security. Employers can only do so much to secure their networks and company devices; it is up to employees to follow information security protocols.
It is also the responsibility of the remote worker to:
- Create strong, unique passwords unrelated to personal information and dates – and to not share them with anyone else, including household members, friends, or co-workers;
- Back up their work on a regular basis, even if their devices feature automatic back-up intervals;
- Keep devices and programs updated, since patches and other updates may contain new virus and malware protection;
- Invest in personal cybersecurity measures if there are multiple computers or users in the household;
- Use company networks only for work, and to avoid unsecured networks such as public Wi-Fi;
- Be suspicious of unrecognized emails, pop-ups, and seeming harmless links that are not related to work; and
- If there is any doubt about the safety of a practice, network, or message, contact IT before opening or interacting with it.
Even after the COVID-19 social distancing measures eventually abate, remote working may be here to stay. Companies may be finally seeing that office “face time” is not as necessary to productivity as they have believed in the past.
By working together to uphold cybersecurity protocols, employers and employees can keep their remote workforces secure, reliable, and working remotely a viable means to save on overhead costs. Want to improve your company or personal cybersecurity? We can help. Contact us today.