Many IT professionals give a whole-body shudder when considering the idea of sending their executives on the road with a laptop and password-based access to company files. What happens when you suddenly have to outfit your entire workforce to access confidential information remotely — short-staffed and in record time? The COVID-19 crisis caused exactly that perfect storm that could easily become a devastating experience for unprepared companies. Without access to secure, reliable IT infrastructure, it’s not surprising that some companies quickly fell victim to the overwhelming assault on their systems by cunning cybercriminals. From phishing emails to BYOD issues, here’s how IT experts from around the country are encouraging their clients to protect against the expected onslaught of cyberattacks. With Buffer stating that 99% of employees prefer to work from home and a significant portion of CFOs considering this option, it’s time for companies to prepare for long-term WFH scenarios that will protect company and customer data.
Is This Really My Tech Support Person?
Companies with a limited group of tech support professionals may need to look outside their (virtual!) walls for more assistance, especially when something unexpected like the rush to work from home occurs. When that happens, it’s not unusual for there to be new IT technicians in the mix — people who may not be personally known to your team. Cybercriminals are taking full advantage of this and contacting users under the guise of trusted IT support professionals. Philipp Baumann of BoomTech Inc recommends this: “Coach your staff that your vetted internal technical staff will never ask for passwords or other confidential information such as security settings. Providing these details to a hacker can easily put your company at risk of a serious cyberattack.”
Learn to Control the Egress of Company Data
The risk of data loss has increased dramatically over the past six months, driven in part by employees that are 123% more likely to copy data to a thumb drive, email, cloud drives or other removable media. What’s worse? Much of the data that’s being copied is also classified! “Employees need to be made aware of the dangers of their actions, particularly those that have high-level clearance and are regularly accessing sensitive data”, notes Evan Eakin of Elevate Services Group. “You can no longer rely on office controls to protect your company against the threat of data loss.” While well-intentioned staff members are simply trying to get access to the tools and information needed to perform their daily tasks, they are unwittingly creating a dangerous situation for their organization. It’s essential that companies provide staff members with the protected data and access solutions that will not be barriers to productivity with the future of remote work.
Harden Your Security Against Looming Threats
It’s easy to be quite confident in your corporate cybersecurity with a range of checks and balances that often includes security standards tweaked to protect your business over a series of years. Unfortunately, companies are now confronted with dozens, hundreds or even thousands of home-office configurations, few of which would pass muster for a corporate security check. “The threat landscape has shifted drastically towards the side of threat actors. Businesses must react quickly to provide staff with remote access that will facilitate a well-planned and secure migration to remote work”, according to Carl Fransen of CTECH Consulting Group. A low-end firewall and local antivirus solutions are not enough to protect your organization against a concerted attack against your digital assets. Home systems are often shared between family members, greatly increasing the chance of an attack. “Threat actors no longer have to focus on the hardened security of the organization, but rather on the much softer target of a home system”, continues Fransen. Hacking tools continue to quickly evolve, leaving home systems and a lack of technical expertise to form a dangerous mix of corporate vulnerabilities.
With companies having few choices other than outfitting their teams for remote work, a continued focus on cybersecurity and preparedness may be the only way to protect against these sobering risks. Often, the greatest challenge is finding the ideal mix of practical solutions that will help staff members be effective and efficient regardless of their physical location.
