By: Rishi Khanna
COVID-19 has brought a lot of changes globally. Not only have health measures changed drastically, but the way we work has changed too. With remote working becoming the norm, and Gartner predicting that even after COVID we’ll see 41% of workers working remotely, it looks like 2020 has changed the working landscape forever.
This is no bad thing though – with the majority of people being happier working from home, and businesses being able to access top remote talent from overseas, it’s changed how we work but not necessarily in a bad way.
As we all adjust to the post-COVID world, it looks like remote working is here to stay. This offers amazing benefits for businesses (cutting overheads being one of the most obvious), however, it also presents risks too. With everything becoming remote and online, rethinking cybersecurity is an essential for any business in 2021 and beyond.
COVID-19 Has Led To A Spike In Cyber Crimes and Cyber Attacks
Many online publications and industry cybersecurity experts have observed a spike in phishing attacks, malware, malspam, and ransomware attacks as cyber attackers are using COVID-19 pandemic as bait to impersonate popular brands thereby misleading work from home employees, remote workers, and kids studying from home.
This has resulted in more infected personal computers, business laptops, and phone devices. Not only are businesses being targeted, end-users who click on COVID-19 related links in emails and download COVID-19 related documents and open attachments are also being tricked into downloading ransomware disguised as legitimate documents and applications.
Top 4 Things To Do During and Post COVID-19 To Secure Your Business and Remote Workers
In this article, we’re looking at the risks that remote working brings and how businesses can rethink their cybersecurity strategy post-2020. Here are the top things you can do to rethink cybersecurity during and post-COVID:
- Rethink Your Old Cyber Security Strategies
In days gone by a robust firewall and regular passwords, resets were enough to keep you safe. However, as the risk level has become higher and more and more high-risk data is stored online and transferred between people online, we really need to be thinking about how secure our old systems are.
Old cybersecurity strategies have been very incident response based – in the past responding to an incident after it happens was enough. Now, however, businesses need to rethink this strategy and take a more active approach. Cybersecurity in 2021 is about pre-empting an attack and having measures in place to handle it prior. We recommend you find a reliable cybersecurity consulting company that can guide you and support you through the best practices of establishing a remote infrastructure for your team to work securely.
- Educate Your People
Remote working is great in so many ways – it means that your people can work from anywhere on a schedule that suits them. However, if this includes working from coffee shops, friend’s houses, or even their home, this poses a risk.
Using unsecured Wi-Fi is one of the most dangerous things that an employee can do, and with everyone using their own devices to work or taking work laptops and devices home, it becomes a lot harder to monitor the security on those devices.
There are a few ways we can mitigate this risk, one is reducing the number of devices. A phone and a laptop for each person should be sufficient, and trying to limit where people carry out their work activity helps to stop attacks on personal devices.
Encouraging people to use a VPN when their work is also essential. Whenever an employee is using private corporate resources or handling data, they need to be using a VPN. The main thing we can do to enforce this is educating our people so that they understand the risks, but also how to practically set up these kinds of systems so that they can work safely remotely.
Since cybercriminals have been capitalizing on COVID-19 and pandemic crisis to increase their impact, it is important to provide our employees and remote workers regular cybersecurity education and updates that will keep the information fresh and top of mind.
- Don’t Rely On One Password
How many times have we been told that we need to have unique passwords? So many, right? However, it’s surprising how many people still use the same password for everything. This makes it super easy for attackers to hack into all systems and wreak havoc. Once they have access to one password, they can access a variety of platforms with ease.
The only way to combat this is to enforce regular password changes so that you know people are changing their passwords and keeping them safe. You want to activate two-factor authentication (2FA) on all online websites and tools to verify your users when they work remotely. It may seem a bit patronizing, but it’s better to enforce these kinds of changes than be the victim of a cybersecurity attack.
- Consider The Cloud
With so many businesses using one centralized data storage like shared drives (like OneDrive, Google Drive, DropBox) to name a few, it can be hard to keep everything secure. Using a shared drive on a company computer is hard for employees to use when working remotely, whereas using data storage tools in the cloud is a much better way to access shared data.
The cloud has been created with data security in mind, so it is a much better, more secure system for sharing and storing data than sending messages or emails with bulky data or relying on a shared drive. This being said, the migration to the cloud and setting it up securely does come with its own security risks, which it is important for businesses to be aware of. We recommend using reliable Cloud Managed Services providers to help you move your workloads to the cloud.
Interested in learning more about how to implement cybersecurity best practices to secure your business? Want to ensure your remote workers are securely accessing your systems? Schedule a call with a cybersecurity consultant today!