The Great Quarantine: Cyber Precautions When Working From Home
With the Great Quarantine in effect, many people are working from home. By some estimates, as much as 47 percent of the workforce already worked from home occasionally, but now that number is much higher.
With the work occurring in home environments, there are a number of cyber-security issues which employers should be aware of, and a number of precautions employers can take:
- First, if you have cyber-insurance, check whether the policy will cover remote users or personal machines which may become compromised. Better to ask the question of your insurer now than find out later the coverage does not extend to home users.
- If your employees are using their home computers for remote work consider purchasing virus scanning software for the employees home devices. Companies may be able to stretch their current subscriptions to cover work-from-home devices. Many of the major virus programs offer subscriptions to install the application on several devices, including phones and tablets in addition to the traditional computers. Also, virus scanning software often includes ransomware protection and firewall protection as well. Keeping those computers running will help with productivity during this time.
- Consider asking or requiring employees to encrypt their hard drives. Encryption in the form of BitLocker is an option on Windows 10 machines. The program is fast and easy to use and will encrypt on the fly so you don’t lose any downtime. Newer iPhones and other Apple products have built-in encryption and Android phones can use third-party programs like Knox to protect data. BitLocker can also be used on USB and removable hard drives as well.
- Consider paying for Virtual Private Networks (VPNs) for employees. Services like Private Internet Access (PIA) have apps for Windows and iOS and can protect your employees’ Internet connection. The cost for such services can be as little as a few dollars a month and most offer the user access to the service on a number of different devices without an additional expense.
- Ask employees to ensure their home Wi-Fi is encrypted. Most routers have WPA2 enabled by default, but a quick check to ensure encrypted connections using the latest standards can prevent wireless sniffing save money and time in the future.
- Consider using team-based communication applications such as Slack or Teams to share information via instant messaging. Creating the groups are easy and having the application open and running can, to a certain extent, replace the social interaction and create the ability to share information instantly.
- Finally, share information early and often with remote employees. Sharing the latest phishing email with everyone or the latest Business Email Compromise (BEC) scam can alert everyone to the issue. If one employee is targeted with a phishing email other employees will surely be targeted as well. Working in the same office allows the sharing of such information almost instantly through word-of-mouth, but remote users will depend on the sharing of that information via email.
Creating a plan and checklist for all employees can help to ensure that your employees are on the same page as your company’s policies, and will help to protect your data and company from unnecessary expenses. There are a number of other options and steps employers can take to protect their information; just a few are listed above, but with tight budgets, it is better to be safe than have to recover from a cyber attack.
Any programs mentioned by name above are not an endorsement, and may not work in your current IT environment.