Cyber risks are a concern for businesses in Australia and worldwide that continue to work from home due to the COVID-19 pandemic. This set-up may increase the possible attack surface for cyber-criminals to target your organisation. Stratium Global continues to report on and provide advice about cyber-security risks challenging businesses during COVID-19.
When just one employee’s device at a company is compromised it can have far-reaching consequences and fast! Ransomware attacks have jumped significantly since the onset of the pandemic – exploiting remote workers. Once a device gets infected with a virus, it can spread fast through the entire network where it can encrypt or lock up files and databases often leaving a company with a single option – to pay the ransom.
BEST CYBER PRACTICES FOR YOUR REMOTE WORKFORCE
- Your work colleagues must understand the cyber-security risks relevant to them while working from home, and further, what they can do to minimise these risks. Training software is particularly useful to help workers identify potential threats and then be tested with simulated exercises.
- Streamline and communicate your organisation’s internal security policies. A clear chain of command for dealing with suspected or confirmed cyber-security incidents must be understood by all stakeholders. Procedures pertaining to the use of personal devices for work related matters, installation of software on company devices etc. must be clearly articulated.
- The operating systems running on all company devices must be regularly updated.
- Online backups of all servers and devices so that data can be restored elsewhere if an attack occurs is essential.
- Review your disaster recovery plans and alter as necessary. Your organisation’s incident response and data security plans should correspond to a remote workforce set-up. Your cyber-security team should test these plans to encourage an adaptation in response due to the change in work circumstances.
- Appropriate password management and two-factor authentication offers an additional layer of security.