Publish Insights 27 February 2021
There are many benefits to remote work—from potentially saving your company money to providing your employees more freedom. However, there are also risks of allowing employees to work remotely, namely subpar cybersecurity opening your company up to potential threats.
As you likely know, cybercrime has become increasingly prominent over the last decade, and businesses large and small have been targeted with serious ramifications. In fact, according to cybersecurity company PurpleSec, there are over 80,000 cybersecurity attacks per day. So, understandably, ensuring that security is a priority while working from home. The real question is, how do you do that?
First, ensure that you communicate the importance of cybersecurity measures to your employees. Instill in them a sense of responsibility to uphold your security protocols while working remotely. Second, ensure that you have a thorough cybersecurity protocol in place. In this guide, we’ll cover a few of the ways you can improve cybersecurity to protect your company’s interests and sensitive data while employees are working remotely.
Complete System Updates on Schedule
All of us can admit that it’s easy to ignore update notifications. Usually they pop up at the most inconvenient times, like when we’re in the middle of a meeting or rushing to meet a deadline. Continuously postponing them until a better time can do more harm than you think.
System updates are essential to ensuring that the security measures you have in place continue to be effective. Even though they may be inconvenient and even annoying, it’s important to stress the importance of these updates to your employees—whether it be system updates, Wordpress, or other programs used for business purposes.
With the average company losing 5% of revenue to fraud each year (according to the Association of Certified Fraud Examiners) and the average data breach costing businesses approximately $3.86 million (according to PurpleSec), companies should adhere to even the simplest of security measures.
Only Use Secure WiFi Connection
Many employees prefer to work in their local coffee shop or coworking space so they don’t spend days secluded at home. And while that’s completely understandable, it also means they’re going to be using shared public WiFi, which simply isn’t as secure as a private WiFi network.
One way to combat this cybersecurity risk is to require everyone to use a virtual private network (VPN) while using public WiFi. A VPN provides a layer of protection by creating a secure connection and masking the IP address. This provides privacy and prevents someone from tracing their IP address while they’re working. You can purchase VPN subscriptions from cybersecurity companies.
The ability to access your local area network (LAN) without wires is a feature enjoyed since the late 1990s. However, this means someone within range of your WiFi router can gain access to insecure networks. Hackers exploit vulnerabilities of weak WEP and WPA encryption. WPA2 became the standard in 2004. Since 2018, devices began supporting WPA3, which became mandatory on July 1, 2020. So install a current router and make sure each wireless device on your LAN supports WPA2 (good) or WPA3 (best) encryption.
Consider the financial implications of your remote access requests. Shareable for Hires reports that 58% of respondents in a Transunion survey said the pandemic had a negative impact on their finances. Quarantine measures has many workers working less hours. As a result, many workers are making significantly less than they were pre-pandemic. If this applies to your employees, consider offering a stipend to help them cover security costs. This includes in-home WiFi or their VPN subscription.
Encourage Password Security
Passwords play a vital role in cybersecurity. However, many of us are tempted to use easy-to-remember passwords. We log in and out of our accounts without having to reset our password every time. Unfortunately, having something that’s easy for us to remember means that it’s also likely easy to hack into. Cybercriminals are targeting our accounts. They have sophisticated technology on their side that can decode your easy password in seconds.
For this reason, you and your employees should use complex, secure passwords while working remotely. Instead of simply relying on employees to come up with clever passwords, encourage them to use a password generator. This creates a complex combination of numbers, letters, and symbols. Better yet, have everyone at the company use a password manager that acts as a vault and saves passwords for you. With this software, you can automatically login securely on to your device.
Do you have employees who like to work in public or have sensitive data on their computer and live with roommates? Emphasize the importance of password security to them. You never know when they might let their guard down and leave their computer unattended. Who might have a curious eye or sticky fingers?
Two-Factor (or Multi-Factor) Authorization
For companies that are especially high risk—or just want to take their cybersecurity to the next level—two factor authentication is a must. Two-factor authentication is a system that requires more than just a password to access certain programs or sites. Typically this is a PIN number that’s sent to your phone. We also see two-factor authentication used when sites require security questions.
For even greater security, you can use multi-factor authentication. Multi-factor authentication requires further security measures to be met. This can include fingerprint verification, facial recognition, and the like. By having multiple layers of access security for important data, you significantly reduce your risk of being hacked.
Improve Your Internal Cybersecurity Today
According to PurpleSec, 48% of data breaches are due to the acts of negligent employees or contractors. But you can take steps to prevent this. You don’t have to of shy away from working from home. Fully embrace it and its benefits for you and your employees. Focus on education (sharing common ways they may be scammed, what phishing attacks look like, etc.) and enforcement.
Cybersecurity Protocol Checklist
- Remote Virtual Private Network VPN
- Local Wi-Fi Protected Access 3 WPA3
- Password security
- Avoid unauthorized device access
- Multi-factor login authorization
- Flag suspicious email
Create a cybersecurity standard that everyone follows. Require that the recommendations above (and other necessary precautionary measures) are put in place to protect your business. Many employees may already be familiar with these processes, so it shouldn’t be too difficult to implement. It doesn’t matter whether you’re in the office or working from home. Having a strong cybersecurity policy in place can benefit your company and peace of mind.