COVID-19 Update

5 Good Cybersecurity Practices in the Remote Work and COVID-19 Era

Cybercriminals and hackers are ramping up their attacks to exploit remote work, but there are several things you can do to shore up your home networks.

Leave a Comment

AV integrators, like IT and managed service providers, can hold the keys to hundreds or even thousands of enterprise networks, making them a prime target for cybercriminals.

Hackers are increasingly targeting service providers, and those attacks are now increasing as companies everywhere adopt a remote work strategy that opens new doors for cyberattacks.

Cybersecurity and antivirus company Bitdefender found that pandemic-related attacks increased five-fold in the first two weeks of March. In May and June, an average of 60% of all received emails were phony.

According to the FBI the agency was at one point receiving more than 3,000 cybersecurity complaints each day, a huge leap from the typical 1,000 daily complaints. And, Microsoft reported that nation states like Russia, China and Iran are targeting political groups, enterprises and other victims leading up to the U.S. election in November.

According to an April report from ransomware incident response company Coveware, the average ransomware demand in the first quarter was $111,605, a 33% increase from the end of 2019.

With these attacks on the rise, it’s critical that your integration firm takes steps to secure your remote workers in order to also keep your enterprise clients secure. Do these five things now to keep bad actors out of your business:

  • Upgrade and update software. If your operating system and apps are out of date, update them immediately. That includes cybersecurity software like firewalls and anti-virus programs. Out-of-date solutions are goldmines for hackers to infiltrate. These updates should be set to automatically update in the background.
  • Log into your home network infrastructure. Users can log into their home internet router and Wi-Fi router to change their password to keep hackers out. Default passwords are typically “admin.” Users can turn off traffic to certain services. IT staff should walk end users through this since it can be difficult.
  • Deploy a VPN. Virtual Private Networks (VPN) create an encrypted route between end users and a remote server operated by a VPN service. Internet traffic is routed through this and the location of endpoint devices are masked, so data is secure from prying eyes that otherwise could intercept it via a public Wi-Fi network.
  • Multi-factor authentication. MFA or two-factor authentication (2FA) is a great roadblock against phishing scams since it requires multiple sets of credentials in order to access certain systems or apps. Enable this on every app that offers it or invest in security solutions with integrated 2FA.
  • Train your employees. Then train them again. Good cybersecurity practices are the best way to thwart a would-be attack, but humans aren’t perfect and will slip up now and then. Make sure your employees know how to spot a phishing email and train them on other good cybersecurity habits like password security and which websites and apps to avoid.

 

CoronaVirus Update