In the wake of the developing COVID-19 pandemic, organizations around the world have adopted social distancing practices to slow the spread of the disease, including instructing many employees to work from home. But no one could have foreseen the need for businesses, government agencies, and other organizations around the world to quickly transition the majority of their workforces to remote work.
The fast transition, the sheer number of people now working from home, and the already-devastating economic effects of the pandemic are among the factors that make this time an especially perilous one for enterprise security. IT security teams are struggling to keep up with increased threat levels from COVID-19-related malware and other cyber threats. Newly remote workers are leaving their companies’ networks vulnerable to hackers, and COVID-19-related cyber scams are on the rise as hackers seek to cash in on the crisis. Here’s what you need to know to keep your company safe.
Educate Employees About COVID-19 Cybersecurity
If your organization hasn’t already been giving employees regular cybersecurity training, then you need more help than this article can give. If you have been giving employees regular cybersecurity training, now is not the time to slack off. You should be aware that COVID-19-related cyber scams are proliferating at a mind-boggling pace. By mid-March, Computer Weekly was already calling COVID-19 the biggest cyber-threat in history, due to the massive volume of related malware and scam emails already circulating by that time. By mid-April, Google reported blocking 18 million COVID-19-related scam emails a day.
Cyber criminals love to play on the emotions of their victims to cash in, because users in the grip of a strong emotion, like fear of a deadly disease, often aren’t thinking straight. They’ll click on links or download attachments that they might otherwise have ignored. And many people around the world, having lost their jobs or been physically restricted to their homes or neighborhoods, are looking for a way to make a living, so the ranks of cyber criminals may be swelling, too.
That’s why it’s so important to educate employees about the cybersecurity risks associated with COVID-19. Regular security training will keep employees vigilant against suspicious emails that might land in their inboxes. Make sure to send out regular memos warning employees of common COVID-19 related malware and phishing scams as they emerge. Your employees may not be targeted by specific scams, but knowing what kinds of things to look out for can help them protect the enterprise network.
Of course, you’ll also need a security solution that can detect vulnerabilities and threats and work to neutralize them. Your employees will be reporting suspicious emails, perhaps in greater numbers than ever before, and your IT security team will be facing more threats than it probably ever has in the past. Make sure you have a comprehensive enterprise network security solution to help your team meet these new challenges.
Require a VPN and Regular Security Check-Ins
Your employees’ home networks won’t be as secure as your enterprise network, because it’s unlikely that employees have intrusion detection or protection on their home networks. That’s why you should require employees to connect to the company’s network through a virtual private network (VPN). A VPN can hide your employees’ activities on your network, and help protect your information from thieves.
You should also set network security standards for employees working from home. Put together a security protocol that includes securing devices physically, keeping work and personal emails separate, and locking down their home networks. Implement regular security check-ins with staff to make sure they’re using multi-factor authentication to log into enterprise systems and work email accounts, and to verify that they’re implementing the enterprise security protocols for their home networks.
Give Employees Company Devices to Work from Home
It might be tempting to allow employees to work from home on their personal devices — it would save your organization a lot of money on laptops. But you don’t know what employees are doing on their personal devices when they’re not on the clock, what antivirus and antimalware protection they’re using, or how tight their security is. It’s easier to protect your enterprise network when you issue company devices to employees who are working from home. It’s also easier to keep an eye on those employees to make sure they really are working when they’re supposed to be. When you issue company devices, you’ll be able to synchronize the same endpoint solution across each one, to remove some of the vulnerabilities that can come with a rapid distribution of teams.
The COVID-19 pandemic has brought a lot of uncertainty with it, especially when it comes to keeping your enterprise network secure. Don’t let the challenges of this pandemic leave you vulnerable to cyber criminals. Protect your network, so you and your employees can weather the storm.