A Massive Influx Into Remote Work Creates an Opportunity for Hackers

While the coronavirus pandemic has infected millions of people worldwide, sending people back to work and study from home, these new habits could benefit cybercriminals. With workers taking their laptops and company data with them, cybersecurity experts say hackers will follow, seeking to take advantage of the situation and infiltrate companies, Reuters reported in a recent publication.

While the pantheon of “ishings” (smishing, vishing, phishing, spear phishing, and whaling) are the most common threats to a remote workforce, another easily neglected yet still prevalent threat to organizations’ security is caused by the devices employees use remotely. Many organizations are as vulnerable as the least secure employee device. It’s a bad situation when you consider that malware on the laptop of just one employee can hit an entire organization network via folders, shared files, and email attachments.

If you’re concerned about security with employees, here are some steps you can take:

• Don’t be pennywise
• Enable passwords on your meetings and webinars
• Allow two-tier or multi-factor authentication when possible
• Require the use of a company-supplied VPN
• Standardize your platforms

Unsecured Personal Devices Are a Recipe for Disaster

Is your team working remotely on their personal devices? Chances are they will need to download and save sensitive company data on them. However, if their devices are not properly secured, the risk of confidential company information falling into the wrong hands is significantly increased.

Employees are likely using their own devices (smartphones, tablets, PCs) actively and using the technology they’re most comfortable with. In the workplace, security awareness is a priority. However, as people change their work routines, their cybersecurity habits also change. To protect yourself from this threat, you should take the following steps before accessing any remote system:

• Creating an awareness session dedicated to the professional use of devices.
• Use a secure connection to access the company network. Ensure that the company VPN is configured for multi-factor authentication.
• Work only from home and not connect to the company network from unsecured public Wi-Fi access.
• Only share work-related data and information with the home computer or personal devices when absolutely necessary.
• Create strong new passwords for laptops, mobile devices, and email(s).
• Ensure that the applications, operating systems, network tools, and internal software installed have been updated. Ask the IT support team to install malware and spam protection software on desktop computers and laptops when employees need those.
• Use Cloud computing applications to share and back up data.

Your organization should continue to promote best practices in security awareness by using targeted awareness tools, such as newsletters, Slack-channels, and microlearning. This reinforces the lessons learned from training and simulations and keeps security awareness high on the priority list.

6 Tips to Keep Your Mobile Devices Safe

Cybercriminals are constantly coming up with new ways to target their victims. As a result, there is currently an increase in cyber-attacks via mobile devices. Follow these 6 tips to keep your mobile devices safe at all times:

1. Disable Bluetooth: Cybercriminals are looking for Bluetooth signals to hack into mobile devices.
2. Use fingerprint security and visual authentication: Turn on the highest level of security and authentication on your mobile device. Ensure that each device is protected with a unique password.
3. Block the automatic connection: Never automatically connect to an open or public Wi-Fi network. In fact, the best practice is to never connect to a public Wi-Fi network that is not password-protected.
4. Update all applications and operating systems: Always install updates. These are used to fix known security vulnerabilities and protect devices from cyber threats.
5. Be vigilant about text messages: Ignore text messages from strangers. Do not respond to unsolicited text messages from companies or organizations.
6. Be aware of possible data leaks: Do not give unlimited permissions and access to applications. Allow only the minimum required access. Remember the basics of cybersecurity best practices — never leave your devices unattended, lock them after use, and do not lend them to strangers.