Is your team ready for the next cyber-crisis? You might have been pre-COVID 19, but
are you prepared now? Since most companies now have employees that work from home
(WFH), they are more vulnerable to cyberattacks than you think. Keep in mind that each
WFH employee gives hackers a new entry point to your valuable data and classified
information.
On top of that, new technologies, such as the IoT (Internet of Things) devices provide
hackers with even more points of entry. These devices are known to be insecure and if your
employees use them for work, you must take extra measures to keep your company safe.
Companies like BairesDev can help with cloud application development and custom
software but that may not be enough.
Since it seems the WFH trend is not going away any time soon, now is the perfect time to
rethink your cybersecurity policies. Yes, it may take up a lot of time and energy, but think of
it as insurance against a major cybersecurity breach that can cost you so much more in time,
money, and effort.
Assign a Security Team
Your first step with your cybersecurity overhaul is assigning a group that will manage it.
This group should be capable of:
– Evaluating the current cybersecurity within the company.
– Reviewing current plans and making the necessary updates.
– Creating and implementing measures for WFH employees.
– Providing cybersecurity training for all employees.
– Being the front-line response team in case of an attack.
Although your IT crew may seem like the best place to start recruiting people to serve
on this team, consider employees from other areas as well, such as HL. Regardless of their
job titles, employees who are seen as leaders are great choices because others will listen to
their instructions more readily. The head of the team should directly report to the CEO.
One of the most important things this team should do is establish an alternative way of
communicating in case the normal channels, such as the company’s email system or project
management software are disrupted. This plan should include all parties of interest such as
employees, vendors, customers, and other collaborators.
Revise Security Policies
The security policies a company implements should be tailored to its needs. They must
also be practical. The secret is to find the weakest points and strengthen them. Below are
some points to consider:
-Have a strong backup system. Since breaches do happen, it is of essence that your
company has a strong backup system so that you continue to have access to your data and
information. The ideal backup system has both onsite and offsite backups.
-Use MFA. MFA, multi-factor authentication, does not only rely on passwords. It uses
other methods to verify identity. For example, you can use a code sent by text. Relying
solely on passwords is a cyber-disaster in the making.
-Update software. All software, including regular patches, should be updated frequently.
The IT departments should have scheduled updates for applications if this isn’t being
performed automatically. If this process is costly to the company then a system that updates
the most sensitive data first should be put into effect.
-Validate DDoS protection. A DDoS (Distributed Denial of Service) attack is when
cybercriminals overload a network so it becomes unavailable. So DDoS protection is a must
if you want to secure your online services. According to Microsoft, “Your DDoS protections
should be always on, automated for network layer mitigation, and capable of near real-time
alerting and telemetry.
-Increase physical security. Make sure you have security cameras monitoring all entry
points and important workstations at all times. Have employees show IDs at all entry points
when entering and leaving. Finally, encourage employees to report any suspicious behavior.
Enforce WFH Measures
Enforcing cybersecurity policies with WFH employees is not as difficult as you think they
are. Here are some steps you can take to protect your company’s valuable data:
-Use secure Wi-fi. Make sure your WFH employees use strong passwords and have
up-to-date equipment. Keep them from working in public spaces because the connection
may not be safe.
-Keep physical device security. As long as the wi-fi is secure, it is alright for you to work
in a coworker’s space. However, you must be very careful about securing devices when they
are not being monitored.
-Use VPNs- VPNs are virtual private networks that allow WFH employees to create a
secure connection to another network. Make sure your VPNS are up-to-date.
-Use encrypted messaging. Companies should encourage workers to use encrypted, enterprise-focused services like GoRemote as much as possible.
-Make sure your work and personal devices are kept separate. Use separate devices at
home for personal and work use like you do in the office. Do not allow friends or family to
use your work computer.
– Install anti-virus software. All employees should have anti-virus software installed in
their work computers.
Sponsor Security Training
All workers should be aware that the training process is ongoing. Everyone should be alert
at all times and adapt cybersecurity in your company’s culture. You might even have drills to
see how quickly your employees will react to a breach occurrence
Set an Example
Set an example to your team by showing your commitment to cybersecurity. Show them
that security is a serious matter and very crucial for your company’s future. Keep in close
contact with your security team and implement all the above measures. Remember, by
following these processes, your company will always be safe, not only during the pandemic
but for many cyber years to come.