In light of the outbreak of Corona virus, The Maharashtra Government, has announced ban of gathering of people in public places, including a practical shutdown in Mumbai. Companies are directed to consider Work-from-Home options as a measure of prevention and shut down their operations till 31st March 2020. This move is adopted to prevent the spread and contain COVID-19 virus.
Considering a shift in work culture has its own set of challenges, this article addresses a most common cyber security vulnerability in transiting to Work-from-Home. There is recent surge in request, even from large organisations to build a robust Work-from-Home IT policy, which can take care of the protection of sensitive data on employee device, while he/she is working from home. But what worries me, is that most SME and Startup organisations have weak or almost no policy to counter the security issue arising from Work-from-Home.
Some basic steps in the direction of being Cyberspace safe organisation are discussed below for your understanding:
1. Educate Employees
Companies take security too casually and assume that employees are aware of the do’s & don’t, but the fact is many are not fully knowledgeable in regards to security. Training employees on security measures like how to configure a safe home network, treat suspicious emails and links, and what a secure password looks like can help keep your organisations sensitive information secure. It’s also important that employees understand work-owned computers are not family computers; it is for their use only.
Use tools such as #GoogleHangout, #Teamviewer #Zoom to conduct trainings and help the employees configure their home network.
2. Be Wary of Wi-Fi
Using public wireless networks can be risky. Knowing that employees are likely to logon from cafés and other public hotspots, companies should set up a system to provide remote workers with secure access through virtual private network (VPN) software, which encrypts remote workers’ internet traffic and monitors signs of infection.
There are lot of free VPN solutions that you can use to secure remote access for your employees, few can be found in this article by #TechRadar
https://www.techradar.com/in/vpn/best-free-vpn
3. Use Security Software
Malware that is responsible for data theft usually infiltrates devices through the internet and email. Ideally, companies could restrict personal web browsing and email, however that isn’t very realistic and is bound to result in push-back from employees. Instead, utilize security software along with the latest versions of all applications. Workers may not always make the necessary application updates on their own, so activate automatic updates from software makers to reduce vulnerabilities and ensure patches are deployed when needed.
I personally would always advice one to invest in security applications and not go for freeware security applications. I don’t want to recommend any products here, but a quick look at the below link will provide you with pros and cons, to help you shortlist the best one suited for your needs:
https://in.pcmag.com/software/38338/the-best-security-suites-for-2020
4. Install Encryption Software
Offcourse! Hacking of devices lead here, but lost and stolen devices can also be very damaging if they get into the wrong hands. Lessen the risk with whole-disk encryption software, which bars access to data by unauthorized users. Also, install remote-wipe apps on all mobile devices so data can be easily erased if the device goes missing.
A quick glance through the below link should help you understand encryption and choose the most suited products:
https://www.businessnewsdaily.com/9391-computer-encryption-guide.html
5. Move to the Cloud
Using a private, virtual private, or hybrid cloud enables employees to work from any location, while handing over most of the data security responsibilities to a cloud service provider. A reputable provider is better equipped to manage and monitor security (especially beneficial for small business), and they are highly skilled and staffed in order to quickly respond to an attack and offer faster recovery times. In addition, a cloud provider generally offers higher levels of encryption so that data is not only easily accessible for remote workers on the move, but also better protected from threats like ransomware.
Consider checking a list of various cloud based service providers to shortlist your needs:
https://www.cnet.com/news/best-cloud-services-for-small-businesses/
#CoronaVirus #COVID19 #Work-from-home #Cybersecurity #CyberSafety #DataProtection #Startups #AddreyPost
Copyright © 2020 Addrey Consultancy. All rights reserved.