WFH: THE CYBER HACKER’S DREAM
Working from home has been the key solution to survival for businesses, for many it was the only way to avoid operations halting completely. For some companies, WFH will remain the way of the future. This opens up a whole new avenue for cyber criminals. Be vigilant, make sure attention is focused on home office cyber security and employee education.
The number of business email compromises in the first few months of 2020 almost equals the total amount seen in 2019, thanks in part to hackers trying to exploit changes in how people are now working. Keep in mind the average cost of a data breach is $3.92 million, don’t leave your business exposed to these threats.
Securing a Home Office Setup
To protect your business and your remote employees, use the following points and tips to help secure a home office setup.
Fortify User Accounts
- Set up at least 12-character long passwords using numbers and special characters
- Use unique passwords for each account to minimize damage if one set of credentials is compromised
Secure Home Routers
- Change the default password on a home router to a strong password (use a combination of upper/lower case letters, numbers, symbols) or passphrase (sequence of words or text, can contain spaces; i.e. I wi!! use this as MI pa$$phrase)
- Keep the router’s software up-to-date
Secure Equipment
- Ensure computer operating systems, apps and programs are patched and up to date
- Consider enabling full-disk encryption for laptops and other mobile devices that connect remotely to your network
- Enable multi-factor authentication whenever available
- Only allow trusted people to connect to a home network
- A work computer should only be used for work and no other purpose so work data is not put at risk for accidental infection of malware
- Change smartphone settings to stop automatic connections to public Wi-Fi
- Require employees to use secure connections when connecting remotely to your network
Set Up Firewalls and Antivirus Software
- Make sure to enable firewalls in your operating systems and hardware
- Implement antivirus software to detect and remove any malicious programs that may find their way to a device
- Keep up-to-date antivirus software on devices that connect to your network, including mobile devices
- Turn on automatic updates
- Do not dismiss notifications for updates
Watch Out for Online Scams
- Be on alert for social engineering tricks such as email phishing and phone vishing
- Be critical of everything that is seen online
- Look for suspicious links and attachments
- Watch for grammatical errors in the email body and misspelled email addresses
- Never give out sensitive information to an unsolicited email, text message or phone call
What to do to Maintain Security
- Write cybersecurity policies that are easy to understand, distribute the policies to employees and explain the importance of following the policies
- Train employees – include information on secure remote access in regular trainings and new employee orientations
- Before letting any device connect to your network, make sure it meets your network’s security requirements
- Educate your employees about the risks of public Wi-Fi
- Create a VPN for employees to use when connecting remotely to the business network
Cyber security remains a top priority.
Don’t let a cyber hacker’s dream become your nightmare.
Give your staff the tools to make security a part of their daily work routine.
#teamkoppinger – We are here to help.