Cybersecurity Threats for Telecommuting Employees
Between Webex calls with clients, weekly status calls on Zoom, and even virtual conferences, Enterprise Video Conference has quickly become a reliable substitution for in-person human contact. An unprecedented number of people are suddenly working remotely. It is the technology that is keeping us connected to our coworkers and customers.
For many business leaders, the pace of technological change is faster than wanted, and technological adoption is rising at an exponential rate. If you have sat on the sidelines, not allowing telecommuting for your workforce or enabling your workforce to telecommute without a strategy, I would like to remind you that telecommuting is a business strategy.
A formal telecommuting policy offers your business a flexible work environment and increased peace of mind as you maintain the productivity of your workforce. However, a telecommuting option for your company is not without risk. With the increased number of remote workers, companies need to prepare in various ways to reduce cybersecurity risk, and some of the security controls will need to shift. Let’s discuss how you can minimize that risk for your company.
Get a Policy
The accelerated adoption of telecommuting, where the workforce transitions to a work-from-home arrangement, means that many companies are rushing to establish remote IT operations. In a rush to allow the workforce to work remotely, sometimes essential security protocols are neglected. Updating policies and procedures to incorporate a telecommuting workforce signals your organization’s understanding that external environments introduce new threats to your organization. The telework policy should document acceptable remote access, including protocols for device security, restricted access to sensitive data, and employee’s responsibilities to maintain security while working remotely.
Get Connected
Secure workforce devices. In general, a secure device has up-to-date security patches, secure communication enabled, and encryption. A security patch is a piece of software issued when a security flaw is discovered. By ensuring company-owned devices have up to date security patches, you can keep a hacker from exploiting the weakness. When your workforce is accessing documents and applications, you need to ensure that their connections are secure. Using a VPN (a virtual private network) to provide a secure direct link to enterprise resources is a great defense along with adding multi-factor authentication as an additional layer of security that requires the user to enter a second form of authentication, such as a code sent to the phone to gain access. Encryption provides an extra layer of security to restrict access to sensitive data while also meeting HIPAA, SOX, PCI-DSS, and other regulatory compliance.
Cyber Threats
Hackers are taking this pandemic moment to use various hacking methods to steal data – from emails with malicious attachments or phishing scams where hackers pose as CDC officials, to fraudulent websites to trick victims into revealing sensitive information.
Educate your workforce on phishing dangers. Phishing is a cyber-attack that uses email to gain access to your device for malicious purposes. Communicate to your workforce about phishing dangers along with delivering phishing tests to heighten awareness. Instruct your workforce on remote work best practices, as to avoid public Wifi networks and to secure personal wireless networks to reduce the risk of unauthorized access to sensitive information. Finally, be diligent about identifying spoofed websites; these are fake sites that mirror legitimate sites with the intent of installing malware on your device or get you to enter personal information.
Are you Confident in the Security of Your Telecommuting Strategy?
Let’s schedule a call to discuss your company’s cybersecurity plan.
*** This is a Security Bloggers Network syndicated blog from Datcher Group Inc authored by socialdgi. Read the original post at: http://datchergroup.com/cybersecurity-threats-for-telecommuting-employees/
