Seven tips for a safe and efficient remote workplace
As the pandemic sweeps across the globe, paralysing communities and businesses, something else lurks in the shadows, waiting for the right moment to strike. It sounds like a thriller novel of suspense and mystery, but in reality it's much darker than that.
Cybercriminals will stop at nothing to trick you or your users. Even the spread of a deadly virus won't stop them from spreading their viruses or attacking companies and organisations around the world. In our search for information about the virus, cybercriminals use elaborate social engineering attacks to get at our information. Recently, malware was spread via several websites that published maps visualising the spread of Covid-19 around the world. Visitors to the sites were tricked into downloading and running a file that infected their device and the hackers accessed their stored passwords.
More and more companies and organizations are adopting the "work from home" principle and digital tools that we may have used only sporadically in the past have now become the primary way we work.
Be extra vigilant against Phishing attacks
There is now a lot of information about Covid-19 from many different sources and even from hackers. Hackers will do anything to get you to give up your data or download malware to your device, for example by giving false information about how to protect your and your company's data. Once the hacker has control of your inbox, your details are used to send out invoices, for example, but with edited account details so that the payment goes to the hacker and not to the company. All but the most sophisticated social engineering attacks are stopped with multi-factor authentication. User vigilance and training are very important and are the last pieces to protect against attacks.
Now more than ever, employees and employers alike must be extremely careful to protect themselves and their information from falling into the wrong hands. To minimise the risk, here are some tips for you.
1. Checklist to minimise phishing attacks:
To minimize the risk of phishing attacks, make sure to do the following:
- Please note that sometimes there is only an "l" instead of an "i" that is changed
- Verify the sender
- Enable multifactor verification on your accounts
- Please do not hesitate to contact the sender to verify the transfer and in particular for any change of payment details
- Run an "internal" phishing campaign to test the organization and train those who are on the "phishing" bandwagon
2. Good "hygiene"
Just as we all now wash our hands to keep them clean from viruses, it's important to do the same with our equipment. Is your device up to date with the latest updates from the vendor? Is your network equipment at home up to date and using strong passwords. Be suspicious of the internet and follow company guidelines.
3. Use known and protected networks
Work only on secure and password-protected networks. If you must use public or guest networks, use them with great caution and do not work with confidential or sensitive information.
4. Lost or stolen device
As more work is now done remotely, there is also a greater risk of stolen or lost devices. Report a lost device to the IT or Security Department for blocking and erasure. At worst, a lost device is a hijacked identity and you should therefore also change your password.
5. Secure remote access to resources
Have you implemented a remote access solution in a panic as a temporary solution? Since no one knows if this will last for weeks or months, start now to secure remote access to your systems with multifactor.
6. Secret information is secret even when you work at home
As many people now work from home, they may take the opportunity to take the review meeting during their walk or sit on the patio during the Team meeting with a cup of coffee to get a break from the home office. But who really hears what I'm talking about, or sees what I'm working on?
7. Use the company device
Of course, it's tempting to use your own devices while working from home. Maybe you have a bigger screen on your own laptop, but can you guarantee that what you're working on will be saved in the right place when you're not using company equipment? Maybe you accidentally store sensitive information on your own device that gets into the wrong hands.
As an employer, don't you know how to give your employees the right conditions to work from home or remotely? At AddPro, we can help you and your business create a safe and efficient workplace. The SecureIT workshop will give you hands-on experience of how the security features of Office 365 work and how you can use them to protect your users from intrusions and malware. Sign up now - before you get hacked. Or contact us for help today!