Why a rapid shift to working from home has seen a spike in security incidents, and what you can do to keep your organisation secure.
As if things weren’t already difficult enough, cyberattacks are on the rise.
In today’s strange new world, the home office has become the new work office. With a recent Gallup poll showing 62% of Americans working from home during the crisis – a number that doubled since mid-March – the change has been rapid, and not without its challenges.
Board members, Councillors, staff, and employees the world over are now connecting to corporate and enterprise infrastructure via home devices, on home networks, in a home environment. The fallout has left organisations scrambling to secure these new remote working setups while ensuring business continuity.
Where security teams see vulnerabilities, cyber criminals see opportunities.
46% of businesses have suffered a cybersecurity incident during COVID-19
A recent study by IT security firm Barracuda Networks found 46% of respondents had experienced at least one security incident since the COVID-19 lockdown began, while 49% anticipated a data breach or similar cybersecurity incident within the next month.
Cybercriminals are keenly aware that cracks are emerging from the pressure, and they’re taking advantage of them. Take something as simple as a phishing email, for example. Stressed staff are far less likely to double-check the ‘From:’ field on an email before opening it, inspect a link before clicking on it, or question an email attachment before opening it.
Identifying and rectifying these issues doesn’t just fall to staff. In many cases, security issues have been exacerbated by the shift to convenient, band-aid fixes that bypass policies and procedures put in place to keep data, documents, and sensitive information safe.
You may still be operating, but at what cost to your sensitive information and data?
Work from home’s most pressing security threats
You don’t need to be yet another cybersecurity statistic.
Knowledge is power, so here are some of the most pressing threats you need to know about:
- Sophisticated phishing email scams related to COVID-19 providing fake business updates from the CDC and World Health Organisation (WHO), offers of free vaccinations, as well as donation scams.
- Fake Zoom, Microsoft Teams, and Google Meet invite emails containing links that instead download malware to the user’s device, which is then able to access sensitive data and documents.
- Attackers targeting inherent security flaws in personal devices and networks used in a home working environment including mobiles, tablets, and laptops which may already be affected by malware or viruses.
- Staff using personal email addresses, messenger apps, and personal cloud storage accounts like Dropbox or Google Drive because it’s ‘easier’ and ‘quicker’.
Regain clarity and control across your remote-working environment
This new normal is known as the ‘new normal’ for a reason: it isn’t going anywhere, anytime soon.
Recent increases in cybersecurity incidents are a clear sign that organisations like yours desperately require a long-term governance risk & compliance solution that will allow you to secure your new remote working setup while ensuring business continuity.
Achieving this clarity, control, and security is as easy if you:
- Educate staff on the warning signs of potential threats including phishing scams and malware.
- Only use trusted WiFi networks, and enable two-factor authentication on applicable accounts.
- Ask that staff use unique passwords for any new digital work accounts so they’re not shared with personal accounts that may be more susceptible to a breach such as social media.
- Limit the use of personal devices on your governance risk & compliance software where possible, and instead supply staff with dedicated work devices that have been properly secured.
- Ensure software and firmware updates are installed to avoid known security flaws, and that anti-virus software, firewalls, and virtual private networks (VPNs) are set up as and where required.
- Transition to a comprehensive, secure business platform such as Stellar. Stellar’s unique advanced encryption technology combats modern day security risks, so staff are able to securely access important documents, data, and information no matter where they are or the device they’re using.