Cybersecurity Tips to Prevent Remote Workers from Compromising Company Data During Covid-19 These are unprecedented times in which both companies, people, businesses, and governments are still navigating their way around this Covid-19 pandemic. But it is through these times of chaos that criminals exploit those who drop the guard.
Opinions expressed by Entrepreneur contributors are their own.
You're reading Entrepreneur Asia Pacific, an international franchise of Entrepreneur Media.
The fast-spreading Covid-19 has claimed 41,261 lives from confirmed 838,061 cases, John Hopkins University data shows. The increase in the figures has forced several government authorities to take drastic measures to flatten the curve of new infections and spare healthcare facilities from being overwhelmed. The coronavirus pandemic has left many countries with no option but to go on lockdown or impose curfews, businesses to shut down, and those who can, to work from home.
Major tech companies such as Facebook, Twitter, Google, Microsoft, and a host of small other businesses are all singing the same song of allowing their employees to work from home during the pandemic. Many employees will utilize company devices and data from home in this moment of uncertainty with no timeline as to when the pandemic will be completely curtailed.
Cybersecurity Tips for Companies and Remote Workers Amid Covid-19 Lockdown
While the global focus is on finding a solution to this pandemic that has shaken the economic pillars of the world; life has to go on, work has to be done, and effective security measures have to be observed where needed. Employees pushed to work from home due to the current crisis have to get their work done effectively in inconducive environments and still protect company data from unauthorized access. There are cybercriminals who will not let "a good crisis go to waste' and will do whatever they can to exploit data and hardware device security vulnerabilities presented by the new army of remote workers. How then do companies and remote workers protect company data from cyber-attacks?
Ethical or white-hat hacking is the act of legal penetration testing done by a cybersecurity expert on organizations' information systems to detect vulnerabilities and offer solutions. As employees work from home, potentially exposing company data to the "wrong people,' companies need to hire ethical hackers to check for potential security threats. This gives companies a better understanding of their security vulnerability and how best they can implement more robust defense measures to prevent data breaches.
Malware is malicious software that uses backdoor tactics to allow the attacker to gain control of the infected computer or system. Ransomware is malware in which the attacker demands a ransom to be paid to give control of the computer or system back to the rightful owners. The Maze blackhat hacking group is currently on a rampage where it attacks a company and demands a ransom paid. If no payment is made, the hackers release small amounts of data to force the victims to pay. In early February 2020, the Maze hacked five US law firms and demanded a ransom payment of 100 bitcoins (more than $930,000 at the time).
Remote employees can protect themselves against ransomware by informing company security experts if they are moving or using a different computer than the one provided to them, avoiding using open public Wi-Fis in cafes and opening suspicious emails or attachments, updating all software, and using reputable antivirus software or firewalls.
Use of VPNs
A virtual private network (VPN) is a program that allows people or organizations to safely connect to a computer when they are using a less secure network. Employees who connect to the internet using public Wi-Fi networks risk their browsing history being seen by third-parties. Using a VPN offers privacy and hides browsing history, hence protecting company data from being seen by unauthorized personnel.
Companies should encourage their remote workers to utilize cloud-based services authorized by security experts to store data. This prevents data loss in case the computer malfunctions or is stolen.
Educate Employees on Security Basics
Companies have the prerogative to teach their employees the basics of security concepts such as phishing emails, ransomware, malware, antivirus software, avoiding using public Wi-Fi, etc. Companies should put in place emergency response teams that remote workers can contact when something goes wrong. It goes without saying that a stitch in time saves nine.
Remote workers must update their software to the latest version in line with the company's security policies. If the employees are using company devices, the security team should set the machines to update automatically.
Avoid using USB sticks
Employees should not use USB sticks on company computers or devices they use for remote work because USB sticks can easily infect devices with malware.
Use of Strong Passwords
Remote workers should use strong passwords to minimize the chances of being hacked. There are many online password generators that individuals can turn to create strong passwords consisting of upper case and lower case letter, numbers, and symbols. The passwords need to be changed periodically to reduce the probability of being hacked through brute-force attacks.
In a Nutshell
These are unprecedented times in which both companies, people, businesses, and governments are still navigating their way around this Covid-19 pandemic. But it is through these times of chaos that criminals exploit those who drop the guard. The duty to protect company data falls on both the companies and remote workers.