When it comes to cybersecurity, we all seem to be in a “gray” phase. The situation is that physical offices are reopening, some workers are remaining at home, and everyone needs to be aware of safety measures to protect their devices from infection.
Previously, a metaphor of a business’s IT security method was that of a fortress or castle. IT built secure walls and fortifications around the business. They derived defensive strategies against attacks and could keep accurate inventories of all devices, even private ones, that could gain access beyond the barrier walls.
Now, more than ever, workers are away from behind the castle walls but still need all the protection a castle provides and more.
Here are some potential IT risks and safety recommendations while workers are remote and still need access to the VPN to do their work:
Virtual work environments are reopening: Many remote workers gather at coffee houses or other such places while doing their work. They usually have free power, free or lost cost refills, and, unfortunately, access to free public Wi-Fi. Previously, you were not supposed to connect to the public Wi-Fi – now, it is an absolute MUST that you do not connect to the public Wi-Fi. Also, anyone breaking social distancing rules and peering at your screen isn’t just being rude, they are trying to gather your login information. You used to be able to ask other virtual workers to watch your computer and belongs when you got up to get a refill, now your stuff is going to be long gone.
Guidelines: When working remotely and you absolutely need to access the internet, turn on your phone’s mobile hotspot capability. This feature enables you to turn your phone into a secure, password-protected Wi-Fi access point that other devices can use (such as your laptop) to access the internet. This capability is under your phone’s connection settings. When you turn on your mobile hotspot, you will be asked to close your other wi-fi networks. This is also where you can set your mobile hotspot password, which is a must. Also, trust no one, don’t trust them to watch your things, be aware of your surroundings, and turn your screen from view.
The flood of new devices on the network need to be accounted for and secured. Each remote device needs its own fortification from cyberattacks.
Guideline: IT needs to know which employees and which of their devices are attempting to access the VPN. Then, IT needs to verify that each are clean and safe before connecting and accessing the VPN.
Disgruntled workers. It is a stressful time, and the fear of job loss, lack of raises, the pressure to remain focused can get to anyone. While this does not excuse the cybercrimes or attacks that they may do, it does make employers aware that they need a zero-trust policy.
Guideline: Have IT set strict security levels and only give access to those areas an employee needs and no more, regardless of their role or position in the company.
Overall, remote security, password protection and anti-phishing policies are a must for businesses. The effectiveness of these policies relies upon a continual emphasis on employee education and awareness.
As the world continues to be in a state of flux and it seems as if there’s a new change every minute, remember that we’re here to address and guide you through remote access risks, enabling security measures and empowering your employees against cyberattacks. You can always contact our team of technology experts at MidnightBlue.