We’re all getting a bit more comfortable working from home now that the effects of the coronavirus outbreak are being felt across the country and around the world, but it is it possible we’ve already gotten a bit too comfortable about our new working arrangements?
Because of how quickly many people transitioned from their cubicles to home offices, it’s possible one of the considerations that got ignored or forgotten in the frenetic pace of change was cybersecurity. In truth, that should have been one of the first things employers considered.
“IT people have been busy getting everything buttoned down, but I think there’s still an awareness challenge across the board,” says Defendify co-founder Rob Simopoulos.
That awareness issue is especially pronounced among smaller companies with 500 or less employees, he says, but the biggest corporations aren’t exempt from cybersecurity challenges either. They’re more enticing targets but sometimes don’t do enough to protect themselves.
Two-factor authentication should be in place for all companies that has any employees working at home or outside the office, say Simopoulos. The average company uses about 20 software applications for billing, accounting, videoconferencing and other tasks, he says.
More Work-from-Home Cybersecurity Tips
It’s important for company leaders to explain why they’re putting these cybersecurity practices in place so employees understand the importance of being diligent when they break free of their cubicle walls.
Companies should also have an incident response plan so everyone know what to do in the event of a cyberattack, says Simopoulos, and should perform regular cybersecurity assessments.
It’s also important to make sure your remote connections are secured, he says, and to “update and patch anything to do with your network,” he says. Vulnerability scans will alert business leaders about what changes they need to make to bulk up their cybersecurity, says Simopoulos.
Having so-called ethical hackers test your cybersecurity is another way to prevent or at least limit your breaches.
“All it takes is one compromise on one system,” he says. “Many people use the same password for everything.”
Company leaders must make it clear that only their employees should use their work computers and that they shouldn’t write down their passwords, says Simopoulos. They should also train their teams on some of the common cybercriminal practices, such as seizing on people’s fears.
These days, that means spoof emails focused on the coronavirus pandemic, for example, he says.
Building a work-from-home culture for all employees—not just the ones who regularly work from home—can help to prevent some of these breaches, says Simopoulos.