T he ability to work from home is a prized employee perk that offers workers the chance to free themselves from the daily commute and complete their tasks. It’s an especially effective and convenient arrangement during the COVID-19 pandemic. Employees can help prevent the spread of the virus simply by staying home, without compromising or sacrificing their performance. Along with the freedom and flexibility of working from home comes the risk of cybersecurity issues that occur outside of a protected corporate network. Even if your company provides virtual private network (VPN) access, your computer (and the data it stores) – could be compromised if someone hacks into your home Wi-Fi network. “Making sure that sensitive documents and files remain confidential is definitely an issue remote employees need to tackle right from the outset,” said Brian Stark,
able to intercept and access sensitive emails, passwords and messages. There is also the risk that others who live the employee’s home (who use the same internet connection) may see valuable company data. Personal computers: Many remote workers admit to using their personal devices rather than their designated work tech. According to Cisco, 46% of employees report transferring files between their work and personal computers. If employees obtain sensitive data and store it on their personal devices, that puts many companies at risk – especially if said employee ends leaves the company. Another source of vulnerability is that if you, as a remote employee, are using your personal computer and are not downloading the latest updates, you could be more vulnerable to cyberattacks. Best practices for remote workers What steps can employees take to protect multifactor authentication? Multifactor authentication grants access to the device and all software after the employee provides more than one form of identification. Anyone can memorize a password or steal a physical device and unlock a computer. Multifactor authentication can prevent hackers from physically accessing your company device. If your company laptop doesn’t currently have multifactor authentication enabled, ask your employer about implementing one. Use strong passwords. Physical devices aren’t your only concern. If a hacker tries to access any sensitive accounts, you want to make it as difficult as possible for them to log in. Using a password manager is a great precaution, as it ensures you are only using strong passwords, like those with special characters, numbers, upper and lowercase letters, etc. Encrypt your messages. Data encryption helps protect sensitive information by translating it into a code that only people within your company can access through a secret key or password. Even if scammers intercept your data, they won’t be able to interpret it properly. This goes for any messages or information you send, receive or store on your devices. Invest in antivirus software. Your employer may provide a recommended application for a company-issued device, continued on page 14 themselves – and their employers – when working from home? Our expert sources recommend taking the following steps. Implement multifactor authentication. Does your company-issued laptop require
general manager of North America at smanos, a smart home and DIY security systems company. “Of course, ensuring that there is a secure connection to the server is extremely important, but this is ultimately placed in the hands of the homeowner.” Andrew Hay, chief information security officer at LARES, warned that other connected devices in your home may have far fewer security controls than your work laptop, which may give cybercriminals easy access to your device. “Home-based workers must be diligent
Treat your work-issued
laptop, mobile device and sensitive data as if you were sitting in a physical office location.
about what types of systems are on their home network that might also provide additional attack
vectors,” Hay said. “I once spoke with an NCIS agent who conducted an investigation where a naval officer’s laptop was compromised by way of infiltrating his daughter’s laptop.” Security risks of remote work For remote employees especially, there are many security risks – three in particular – that pose a threat. Email scams: Many scammers send phishing emails with the intent to steal sensitive information from the recipient or the company. Especially in complicated times – like the novel coronavirus pandemic – phishers are hoping to take advantage of trusting victims. They’ll often pretend they’re someone within the company, like the CEO or a manager, to establish false trust. Remote workers are easy targets because they’re not in the office and, therefore, hackers are hoping they won’t check to see if the email is legitimate. Unsecured Wi-Fi : During this time, many remote employees are using their private home network, which can increase the risk of leaked data. Third parties might be
13
March 2021 | The Business Review
Made with FlippingBook - professional solution for displaying marketing and sales documents online