We’ve been focusing our attention on the security risks with coronavirus (COVID-19) and businesses having to conduct day-to-day operations in a different format due to the enforced implementation of a remote workforce for health risks involved with COVID-19. We’ve given you a checklist to develop a pandemic plan and security tips for businesses with employees working from home. Today we want to give you a couple steps that you can take to share cybersecurity measures that help employees to avoid falling for COVID-19 risks.
When it comes to remote work, it isn’t only about the network, technology and processes; it’s also about the human element. Since using tools and emails is something your employees are actively doing, they are the first line of defense and can reduce your chances of getting hacked at this time. Let’s take an example of one such situation.
One of the tools that is presently in use and opening businesses to risks through the human element is Zoom. Some of the people using it for video-conferencing are using it for the first time. This means they are not as familiar with the tool, which already leaves room for error in the setup process.
Step 1: Make sure employees know how to set up any tools and/or emails in a way that keeps privacy and security measures up to the highest level of setup possible.
The next risk you want everyone to be aware of are phishing attempts. This includes phishing emails, but also hidden malware and risks in fake landing pages that appear to be legitimate websites.
Interesting fact, March saw the number of daily Zoom meeting participants reach over 200 million (to think that in December that number was 10 million). Also, important to note is that there have been as many as 2,200 new ‘Zoom’ domains registered in March alone. Almost a third of these new websites are connected to an email server, which researchers found point toward the potential for them being used to harvest login credentials through a successful phishing attack from users who don’t know how to spot a fake website or email invite to attend a meeting.
Step 2: Train employees to know what to look for when it comes to phishing risks with tools you use, such as Zoom, and email messages that create urgency or hype around COVID-19 topics.
There have been warnings of an uptick in social-engineering emails that promise to provide financial relief during the COVID-19 pandemic. These emails started following the news of how governments are providing the opportunity for relief packages to businesses and individuals alike.
As you may know, hackers are always ready to leverage crisis situations, and this is no different. Here are additional bonus steps to take into consideration so that you can reduce the risks from the human element, and actually create a stronger security defense thanks to your people; no matter where they are working from now, or in the future.
Bonus step 1: For the holidays we shared a cybersecurity guide to safe online shopping. Even though it’s not a holiday and it’s not about shopping, the guide assists in various cybersecurity areas that involve the human element. Share with your employees: Holiday cybersecurity guide to safe online shopping
Bonus step 2: Share this blog to help employees to spot phishing emails: Three tips for spotting phishing emails
The increase of vulnerabilities present when working from home increased exponentially within a matter of weeks. This is not enough time for a business to prepare, even for businesses with a good cybersecurity posture. The aspects of having this large of a remote workforce all at once is something no business expected and therefore it’s not included in the foundation of the cybersecurity plan at hand. If you need help, please feel free to reach out.
Schedule your free consultation, we’re here to help!