Working from home has been the key solution to survival for businesses, for many it was the only way to avoid operations halting completely. For some companies, WFH will remain the way of the future. This opens up a whole new avenue for cyber criminals. Be vigilant, make sure attention is focused on home office cyber security and employee education.
The number of business email compromises in the first few months of 2020 almost equals the total amount seen in 2019, thanks in part to hackers trying to exploit changes in how people are now working. Keep in mind the average cost of a data breach is $3.92 million, don’t leave your business exposed to these threats.
Securing a Home Office Setup To protect your business and your remote employees, use the following points and tips to help secure a home office setup.
Fortify User Accounts
Set up at least 12-character long passwords using numbers and special characters
Use unique passwords for each account to minimize damage if one set of credentials is compromised
Secure Home Routers
Change the default password on a home router to a strong password (use a combination of upper/lower case letters, numbers, symbols) or passphrase (sequence of words or text, can contain spaces; i.e.I wi!! use this as MI pa$$phrase)
Keep the router’s software up-to-date
Ensure computer operating systems, apps and programs are patched and up to date
Consider enabling full-disk encryption for laptops and other mobile devices that connect remotely to your network
Enable multi-factor authentication whenever available
Only allow trusted people to connect to a home network
A work computer should only be used for work and no other purpose so work data is not put at risk for accidental infection of malware
Change smartphone settings to stop automatic connections to public Wi-Fi
Require employees to use secure connections when connecting remotely to your network
Set Up Firewalls and Antivirus Software
Make sure to enable firewalls in your operating systems and hardware
Implement antivirus software to detect and remove any malicious programs that may find their way to a device
Keep up-to-date antivirus software on devices that connect to your network, including mobile devices
Turn on automatic updates
Do not dismiss notifications for updates
Watch Out for Online Scams
Be on alert for social engineering tricks such as email phishing and phone vishing
Be critical of everything that is seen online
Look for suspicious links and attachments
Watch for grammatical errors in the email body and misspelled email addresses
Never give out sensitive information to an unsolicited email, text message or phone call
What to do to Maintain Security
Write cybersecurity policies that are easy to understand, distribute the policies to employees and explain the importance of following the policies
Train employees – include information on secure remote access in regular trainings and new employee orientations
Before letting any device connect to your network, make sure it meets your network’s security requirements
Educate your employees about the risks of public Wi-Fi
Create a VPN for employees to use when connecting remotely to the business network
Cyber security remains a top priority.
Don’t let a cyber hacker’s dream become your nightmare.
Give your staff the tools to make security a part of their daily work routine.