Cybersecurity and WFH: challenges and opportunities
With morning traffic finally picking up speed, it is safe to assume that individuals are returning to the office, whether they use full-time or hybrid work modes.
With the advent of contemporary work models, companies are offering customised flexibility to their employees. Some organisations are allowing workers a hybrid work schedule, while other businesses are adopting an entirely back-to-office approach. A few companies are even opting to continue offering fully-remote work, which has surged in popularity in the current times.
As companies welcome their employees back, one major concern that arises is - cybersecurity.
This can be attributed to recent changes in work environments, wherein many companies have adopted a hybrid and remote work model, which enables an employee to work from anywhere. Consequently, cybercriminals have a much broader range of targets as online work increases cyber security risks. However, many new remote workers are unaware of the inherent security risks they face and lack adequate guidance on how to prevent them.
Here are a couple of ways companies can implement and train their employees to cruise safely on the Internet.
- Train employees on cybersecurity.
Training and re-training employees about cyber hygiene and security will be a crucial first step in ensuring a smooth return to the office.
As people have grown accustomed to working from home they may also have developed lenient security habits. This can expose the company to a potential attack or information leak.
Small efforts like using a password manager, encrypting devices, using a VPN, installing regular updates, being aware of phishing, and locking the device when not around can make a huge difference.
These measures can be easily implemented. It is entirely feasible for a company to remind its employees of basic but essential cybersecurity protocols periodically.
- Keep your system and antivirus protection updated.
We are aware of how important anti-virus is for our systems, it is not necessarily just to stop viruses anymore, but plenty of menacing opportunistic malice remains riddled in various software and programs. Fortunately, most systems come equipped with proper anti-virus software.
To avoid potential damage brought by unsecured edge devices, such as cell phones or laptops, ensure that your infrastructure is continually updated, your firewalls are configured, and your anti-virus software is updated, to mitigate damage. By connecting unsecured devices to your network, you are leaving yourself open to potential malware attacks. Another risk to consider is, that if employees are returning to the office, they may want to bring their devices-which could cause unintended consequences. In order to avoid security damage, you can use antivirus software on your computer to quickly detect and neutralise potential malware
- Ensure all employee applications and cloud services are secure.
As employees may have adopted new applications and programs as they work from home, companies need to make sure all applications and services on the network are up to date and secure. There may be unsecured applications or critical corporate confidential information contained in a personal account that is easily accessible by cybercriminals via unsecured channels. Ensure that employees only download the software you have approved on their work computer, on updated systems protected by antivirus software and a firewall.
- Be aware of Phishing
As more people work remotely, there's a greater chance of employees falling prey to phishing scams. There are many types of phishing emails, and most of us have probably received one. Phishing emails are those that look like they're from an online service provider asking for your contact information and those that contain infected attachments. Make sure to check the sender's email address and the subject line of the email, as well as the contents of the email itself; bad grammar and spelling are hallmarks of a phishing scam. Instead of clicking any included links, hover over them to reveal a site, if it fails to direct to a provider's official site, it is likely a scam.
Researchers emphasise that carelessness and negligence are considered to be the leading causes of leaks and breaches making them an insider threat.
It is thus imperative that employees are aware of cyber hygiene and phishing awareness, they should use secure passwords, patch software, and ensure that their software is patched in order to prevent most attacks from taking place.
With the integration of cyber hygiene training into employee onboarding becoming more commonplace, ensuring the remote workforce’s security is likely to become a priority.