Over the past few years, the need to have a strong cybersecurity posture has become increasingly apparent as cyberattacks, large and small, are occurring more frequently.
Cybercriminals have become more sophisticated in carrying out attacks, making malicious activities like phishing emails more challenging to detect. These attacks are not just targeting large enterprise businesses. According to the 2020 Verizon Data Breach Investigations Report, 43% of victims of a data breach are small businesses.
Increase in Remote Employees Leads to Data Security Risks
Since the start of the COVID-19 pandemic, workers worldwide have transitioned from working in the office to working from home. Prior to the pandemic, the Pew Research Center reported that only 7% of U.S. workers regularly worked from home. Since then, this number has grown by more than eight times, with Gallup reporting that 62% of Americans are now working from home. This abrupt transition to working from home does not come without risk.
Many of the dangers that already exist in the face of increasing cyberattacks are magnified with more employees working remotely. A larger remote workforce means there are more computers and devices accessing business data from outside of the network – often on home Wi-Fi networks with weaker security that the company has no control over. This leads to an increase in data security vulnerabilities and an increase in the risk of a cyberattack. So what can a small or midsized organization with a wide remote workforce, but no IT security team do to protect sensitive data being accessed outside of the network?
7 Simple Work-From-Home Cybersecurity Tips
- Train employees on the basics: Share security practices and policies with your employees. Require strong passwords (and consider using passphrases instead). Enable two-factor authentication where possible. Ensure everyone understands your procedures on internet and business technology use, including what will happen if the policies are violated. Provide training to show the correct handling of sensitive data such as customer payment information.
- Keep system software updated: Ideally, take advantage of automated systems to regularly update key software. Often, these updates include security patches that help prevent known cyber threats.
- Use VPN and firewalls: Even though some attacks bypass them, Virtual Private Networks (VPN) and firewalls are still a fundamental requirement for protecting your systems from cyberattacks. Make sure each employee securely logs into the VPN before remotely accessing data.
- Have a plan for mobile devices: You will need to make the key decision of whether personal mobile phones and tablets are allowed on company systems. Still, whichever decision you make, you will want to require passwords for these devices, plus plan for what steps you will take to protect data when the inevitable loss of a phone occurs.
- Make sure employees do not “share” account access to computers: Each employee needs their accounts, in part, so that administration can track logins on sensitive systems. You will also want to require strong passwords and, where possible, two-factor authentication.
- Don’t use “open” Wi-Fi networks: Make sure any Wi-Fi network you deploy is secure, using an encrypted connection. To hide your Wi-Fi network from people who are not authorized to use it, set your wireless access point so that it does not broadcast its Service Set Identifier (SSID). This SSID is the “name” of the Wi-Fi network, and setting the network up this way means that you must know the name to connect to the network.
- Don’t let just anyone install software: For company-owned systems, administrative access should be reserved for those who need it. Otherwise, there is no telling what is likely to get installed on any given system. Rogue software is a security problem just waiting to explode.
While taking these steps, remember that cybersecurity is a posture, not a project. It needs to be continually improved upon and reinforced to be as effective as it can be.
How does Defendify go beyond basic data security protection to streamline a strong organization-wide cybersecurity posture?
More Work-From-Home Cybersecurity Resources
Resources & insights
Protect and defend with multiple layers of cybersecurity
Faster. Smarter. Stronger.