Last year, remote working was something the majority of employees used to enjoy on an ad hoc basis. Since the outbreak of COVID-19, remote working has become our everyday norm! Remote working may allow us a bit of a lie-in or enable us to walk the dog on our lunch break, but it has some more sinister implications for the organizations we work for.
Working from home can leave our organization's IT network and systems vulnerable to cyber-attacks and data breaches. Since the pandemic began, phishing attacks have been on the rise, with some appearing to be from reputable sources and claiming to have relevant information regarding COVID-19. Those behind these phishing attacks hope to infiltrate your system with ransomware or steal credentials to get access to your organization's data.
It's not just on your computer you need to be vigilant, according to TechTarget, "certain Android applications claim to monitor COVID-19 systems or occurrences but contain spyware or other malware in disguise."
Cyber attacks and data breaches can have serious implications for your organization -downtime, financial implications, and a damaged reputation, to name a few. Therefore, you must ensure that your organization has processes and procedures in place to limit the risk of ransomware or a data breach.
Consider the following top tips
Identify a VPN protocol
The use of a VPN is essential to ensure the security of your organization when you are connected to Wi-Fi – whether that's a public Wi-Fi or personal. Using a secure VPN makes it very difficult for cybercriminals to infiltrate a laptop. It is also essential for organizations to test and ensure they have a strong enough infrastructure to support the majority of their workforce remotely working.
Limit the use of public Wi-Fi
Public Wi-Fi can be easily targeted by cybercriminals. The remote working policy should state that public Wi-Fi (i.e. coffee shops or hotels) shouldn't be used for any sensitive business activities.
Beware of phishing emails
High profile global issues and crises are perfect fodder for hackers; using themes such as the coronavirus for phishing emails or other predatory techniques is prevalent.
Protect passwords
All devices should have long passwords with multi-characters, two-step authentication processes, and different passwords for each system and logins.
Remain vigilant when outside of an office setting
Just as people are encouraged to protect their PIN when using a cash machine, employees should protect their passwords when logging into company systems. It is very easy for other people to eavesdrop on a conversation or take a discreet photo of sensitive company information.
Conduct a risk assessment
Identify questions for the remote working space, such as:
- Who has access to the work laptop?
- Are the device passwords adequate?
- What are the rules for the transfer of data between the remote working location and the office?
- What is the protocol if the work laptop is lost or damaged
Training and best practice
All employees should be aware of the best practices of internet usage and the vulnerabilities of email. Refer to company policies for guidance on the types of communications that should and shouldn't be sent (i.e. do not send logins and passwords).
Beware of removable devices
A USB port is an easy way of introducing malware to an organization's network. Whether a personal or work-issued USB, sensitive company data shouldn't be stored on a removable device.
Alert your IT department
If in doubt of any suspicious online activity via emails received, links, or pop-ups, seek expert advice.
Remember: If you experience an accidental data loss, discover your systems have been compromised by malware, or realize you're under attack from ransomware, call us. We have over 30 years of experience recovering data from all types of devices - laptops, servers, tablets, SSDs, and more - in our global labs and through our remote data recovery services.