Dr. Gleb Tsipursky – The Office Whisperer
Nirit Cohen – WorkFutures
Angela Howard – Culture Expert
Drew Jones – Design & Innovation
Jonathan Price – CRE & Flex Expert
- While many describe the ability to work from home as a comfortable solution, it does come with its own set of risks.
- Cybersecurity threats can arise from workers using insecure, personal devices to access company servers and data.
- Some strategies to protect your company and employees include two-factor authentication, strong password management, and use of a VPN.
Work from home has become the new normal; traditional meetings have migrated to a virtual environment and so have all the deliverables.
But, how prepared are we to leap, both tech, and execution-wise?
The Comfort that Comes with a Risk
While many describe the ability to work from home as a comfortable solution, it does come with its own set of risks.
Below are some of the tech and cybersecurity issues organizations and workers alike should keep in mind when working remotely.
1. Non-secure devices
To name one of them, how many of your employees are using personal devices for work-related purposes? You may have direct control over what software gets installed in the office and assign permissions accordingly, but you get none of that when your employees are no longer using in-house devices.
Some may do it due to being more familiar with them, and others may not have the budget to afford a dedicated workstation. Either way, these devices are potentially insecure due to not having the proper cybersecurity tools installed.
Since malware may be lurking inside and your employees are using these devices to log into company servers where sensitive data resides, ensuring device security needs to be a company priority.
2. Lack of education
Since the workplace has migrated to a virtual environment, some (or all) communication between employees and their supervisors may now be taking place via email. This looks fine on the surface, especially if people you are working with and know what they are doing. But do they know how to recognize a phishing scam as it lands into their inbox?
In essence, a hacker may contact one of your employees, posing as one of their superiors. They may either give them a fraudulent request or use other trickery forms to con them into revealing login credentials, give away sensitive company or client data, etc. In case your employees are not properly trained to recognize the warning signs of a phishing scam, they could fall for it.
3. Connecting to public Wi-Fi
There’s something enticing about the idea of getting work done while sitting in the local coffee shop, enjoying a cup of one’s favorite drink. It even comes with free Wi-Fi to boot.
But therein lies the problem – you could potentially be putting your personal data, bank accounts, passwords, and identity at risk.
Without even being the wiser, your employees could be leaking your company’s secrets to an unknown third party. The solution is to either instruct them to stick to their home Wi-Fi networks or use a VPN (the benefits we’ll explain in the second part of the article). Under GDPR, this can result in heavy fines, not to mention the loss of your clients’ trust.
More stories for you
The Steps Necessary to Keep One’s Data Secure
Make it a priority to teach your employees about the following:
1. Strong password management
Many people make the mistake of either reusing their passwords or dumbing them down to remember them easily. Instead, they should be complex and varied. In case remembering them is an issue, a strong password management tool can save the day.
2. Two-factor authentication
In addition to designing a password so that it is strong, two-factor authentication ensures that only legitimate users can access the company accounts. The reason is that by turning it on, the person trying to log in will also have to enter a randomly-generated code that’s sent to their smartphone.
3. Regular backups
There is always the risk of a work device being stolen, hacked, or crashing down, with the obvious consequence of losing the data inside. The workaround is to make regular backups, either offline or to the cloud, so precious time isn’t wasted, and work can resume as soon as possible.
4. VPN
A VPN establishes an encrypted tunnel between the employee’s device and the server that a person is trying to connect to. It’s an effective solution for staying safe while connecting to public Wi-Fi networks that are not secure.
5. Antivirus software
A malware of various sorts is a cybersecurity threat, particularly keyloggers. Therefore, it’s a good idea to ask your employers to install antivirus software and keep it up to date to prevent an infection.
6. Firewall
A firewall allows you to monitor your network traffic. This makes it easier to spot suspicious network activity and prevent unauthorized access.
7. Encryption
Storing sensitive data in plain text is like asking for trouble. Instead, your employees should learn about how to encrypt sensitive work-related files, rendering them unreadable to an unauthorized third party.
8. Locking devices
Leaving devices unattended in a public area can expose them to thieves or people looking over your shoulders. The right course of action is to keep an eye on them, never leave unattended, and lock while you are away.
9. Properly configured routers
A home router that’s not configured properly can be a cybersecurity risk. At the very least, instruct your employees to change the default password on their router.
