The sudden rush to remote working because of the COVID-19 pandemic has left cyber criminals rubbing their hands and IT teams under pressure to stop them.
As organisations have adapted in-house solutions or rapidly provisioned new technologies to support home working, the usual security checks and user training have not been as rigorously imposed as they would have been if employees were still in the office. This has given criminals the opportunity to use threats like ransomware or phishing to exploit any vulnerability.
What are the threats?
The attackers have seized on society’s concerns about health and finance and our desire as human beings for information. In times of crisis, it is easy to be fooled by an email purporting to be from the tax authorities or a prominent health organisation urging you to click on a link or an attachment for more advice. Similarly, spoof emails that look like they come from a work colleague, boss or supplier are another method used to trick users into enabling access to corporate systems.
The trouble is one click can lead to a lockout from your systems, malware being downloaded or your computer being hijacked to launch other attacks.
How do you stop the attackers?
Extending security protocols from the office into the working from home environment helps prevent cyber criminals exploiting the situation.
Staff education is an important facet. By reminding employees how to spot emails with unusual spelling, unnecessarily urgent language, or suspicious attachments and links, you can turn them into your first line of defence to prevent attackers getting in.
Clearly communicate your corporate security policies to your workforce and make sure employees know who they should contact in the event of an attack.
Home network connections can be vulnerable. Ensure users connect securely to the network and that office software is patched regularly on remote devices. Monitor access policies closely.
The huge take-up in collaboration and video conferencing tools has led to a number of security concerns. Make sure the tools being used are subject to due diligence by your IT team and are configured and secured correctly.
Keep regular backups of the new sensitive company data being created on home devices safe in the cloud.
Strengthen your security culture
As always, security starts with us staying alert. Each individual has a part to play. By understanding the threats, we can minimise the chance of the attackers succeeding.
Many organisations have been forced to rush into a new way of working so quickly that they have not had time to fully address the security implications. The way forward is to use this as an opportunity to strengthen the culture around corporate security for the long-term.
The security professionals in your organisation can help you address the potential risks you face and lead the way. If you do not have a security team or you feel you need external help from experts in threat intelligence, now is the time to act because those cyber criminals are not going anywhere.
iomart’s security and infrastructure experts are available to help your organisation. Our managed security service detects, protects and reacts 24/7/365. Download the brochure and get in touch to find out how we can help.