Remote Work Cyber Security Guide
Remote work is here to stay and with the recent events, many companies big and small have been forced to make the switch to remote work. While there are many wonderful benefits that come with remote work, there are also many threats that come with it as well. Cyber security breaches can cripple a business and cost millions of dollars in damages.
Statistics on cyber security why you need it.
There are many reasons why you need to take cyber security seriously. When you switch to remote work, your employees and devices are going to be spread out and will actually increase your exposure to risk. Here are some statistics on cyber security and remote work:
- $6 trillion in predicted damages annually by 2021 – Cybersecurity Ventures
- 43% of breaches involved web app attacks – Verizon
- $133,000 is the average cost of a ransomware attack on a business – SafeAtLast
- 43% of breach victims were small and medium businesses – Verizon
- $3.86 million is the average cost of a data breach – IBM
Remote work cyber security threats and how to prevent them.
1. Unsecure Wi-Fi and Internet
Companies with offices are able to ensure that their Wi-Fi and internet is secure and protected. Remote work means employees have the opportunity to work from home, at cafes, or basically anywhere that there is an internet connection. The problem is that most of these connections will not be secure and could be the perfect in for a hacker. There are a few solutions for unsecure internet with remote workers. The first solution is to use a Remote Access VPN network to protect the connection. A Virtual Private Network will encrypt your connection making it harder for hackers to gain access. The second solution is to give your remote workers their own mobile hotspot to use for work. Remote workers typically love to switch up their work environment by working from cafes, hotels, and other public places. Unfortunately some of these internet connections may actually be fake and set up by hackers. By providing your employees with a mobile hotspot, they will not have to use any public Wi-Fi. Just be sure to teach them how to use it securely.
2. Phishing Scams
Phishing Scams are when a hacker or scam artist sends an email, text, or message that appears to be official in order to convince the individual to share private information such as passwords or to download malware. The best solution for preventing phishing scams is to educate your employees on how to spot phishing and how to avoid these scams. Using a secure email server, or cloud service like G Suites is another great way to prevent phishing. In some cases hackers may gain access to ex-employee’s email accounts and use them as an in. Be sure to monitor your G Suites or email service to remove old and unused email accounts.
3. Malware attacks
Hackers are working incredibly hard at taking advantage of the current remote shift. Malware stands for malicious software and is what hackers use to install viruses, ransomware, and spyware. There are a few things you can do to avoid malware attacks. The first is to use a top security application and to keep it updated on all devices. The second is use cloud environments that your IT people can monitor and protect. The third is to provide remote employees with work only devices. Providing remote employees with remote only devices will lower your risk of an accidental malware attack greatly. Providing your employees with devices also will give you remote access to ensure that the security is updated.
4. Insecure Passwords
This is perhaps the easiest to avoid and yet it still happens at an alarming rate. Be sure to educate your remote team on password choice and force them to change passwords for company accounts periodically. We recommend at least every 3 months.
5. Rogue Employee Access
When a remote employee leaves, there is always a potential risk that the ex-employee may cause damage. It is important to use cloud systems and user roles to protect yourself from this happening. When an employee is terminated be sure to instantly remove all of their access. Use user roles to restrict new employee’s access until they are trusted. Many attacks on companies come from within.
6. Be Proactive
This is probably the most important piece of advice I can give companies that are considering switching to remote. I’ve seen many companies over the years that were not prepared and ended up paying heavily. Acting retroactively could cost you your business and then some. Consult with a professional and find proactive solutions in order to prevent a cyber security breach.