Cybersecurity threats are constantly evolving, and hackers tend to capitalize on changing times to catch companies off guard. The advent of the Coronavirus pandemic (COVID-19) has prompted a wave of crafty pandemic themed threats that are easily mistaken as real.
Hackers are now trying to infiltrate companies’ networks through registering malicious domains and creating coronavirus phishing schemes. According to Defendify’s Success Manager, Shanna Utgard, many of the phishing emails being sent out are focused on social relief assistance, referencing things such as grants and loans, small business relief, or the paycheck protection program.
The American Chamber of Commerce of Trinidad and Tobago (Amcham) recently hosted a webinar to help businesses deal with COVID-19. This webinar focused on cybersecurity and why it is essential for businesses, especially during the pandemic.
Defendify Success Manager, Shanna Utgard, was a featured speaker at this webinar. She outlined six essential security tips for companies to secure their remote or in-person work force during the pandemic.
Secure and Test Remote Connections
Shanna insists that companies should ensure that all devices on their network are functioning and up to date. Often, hackers take advantage of out of date firewalls or VPNs to access a company’s network. Consistently updating your devices, both your smart phone and computer, will help ensure that hackers aren’t accessing your network this way.
Check out Defendify’s Network Vulnerability Scanner, one of three easy-to-use tools in our free Essentials Package, to help ensure your network is functioning properly. This tool automatically searches your networks and systems for security vulnerabilities then provides detailed reports to help you understand what risks to consider and where security gaps are.
VPN and Two Factor Authentication
Shanna suggests that companies use a connection or tunneling tool (VPN), which connects the employees home network back to the corporate network, that is properly secured. Employees should use a password in addition to two-factor authentication to ensure the connection is safe.
Companies should regularly perform cybersecurity assessments, especially when your team is working from home and you’ve had to adjust your system.
This involves walking your team through the cybersecurity controls your company has in place, as well as pinpointing what has changed in your infrastructure and IT posture.
Set Work from Home Expectations
Having clearly defined Work from Home expectations and policies is extremely important. Shanna suggests having a technology and data-use policy that prohibits employees from using personal devices. Companies risk insider threat when employees leave sensitive information on their personal devices and are at risk from infections on personal devices spreading to the company network.
It’s also important to ensure that your employees are saving all documents and corporate information to either the corporate network or to a cloud-based file hosting service, not to their devices’ desktop. Shanna also suggests avoiding sending attachments through email since most email servers do not encrypt attachments.
Check out Defendify’s Technology & Data Use Policy Builder to ensure that policies and guidelines are understood, shared, and consistently enforced.
Train your Team
Companies should invest in training employee to use new technology at home that they may be unfamiliar with. This will ensure that information isn’t stolen due to a technology mishap.
Revise Incident Response Plan
A change in work environment also calls for a change to your cybersecurity incident response plan. Creating a culture in which employees feel capable and confident to address and report an incident is critical. Shanna suggests creating clear communication channels for employees to use when they suspect a breach and providing each employee a paper copy of the incident response plan.
At Defendify, we make revising your incident response plan easy with our Incident Response Plan Builder. This tool helps prepare a business in the event of a cyber-breach by aligning the entire organization around what remediation steps to take, when to take them, and who is responsible for each task.
In uncertain times, it’s important to stay vigilant when it comes to your company’s cybersecurity. Following Shanna’s six essential security tips will help to ensure that your company, customers, and employees are protected from any threats.