Nine tips to improve your cybersecurity strategy in the new normal
The last few months have brought drastic and long-lasting changes to businesses, and for lots of us the way we work may never be the same again.
We need to prepare for a possible permanent move to remote working or at least a blend of home and office working, and security challenges come with that. Employers will have to embrace new tools and processes — and be far more alert than ever before – because cybercriminals are becoming more sophisticated in their methods. How can you protect your business from this increased threat? Here are our tips:
Refresh cybersecurity policy
If your business hasn’t got a cybersecurity policy, it’s time to get one. It needs to include the latest security challenges, cover risk assessments for homeworkers and enforce important IT basics such as multi-factor authentication, and processes for upgrading and backing up devices. Clearly set out what measures your employees should be taking and what they can and cannot use their devices for. If your people are not clear about their obligations are when it comes to security, then your business is vulnerable.
When working from home, during the pandemic, your staff may have just been getting by with whatever devices they had available to use. In the long term that’s not going to be secure – these devices may not have been regularly scanned for viruses or completed the updates necessary to eliminate security threats. If you’ve returned to the workplace, or are planning to, don’t forget to update office computers which previously unused during lockdown and now being switched on again.
Keep systems and software up to date
Many companies automate updates to avoid having to rely on employees to do it. For instance, Microsoft Active Directory enables IT teams to automatically roll out updates to all employee devices. But the problem is, with employees working from home, it’s harder to carry out. IT teams must have practices to make sure all employees are able to update their operating systems and devices regularly. An outsourced IT provider such as Aura Technology can manage these updates from a central point, ensuring updates are applied across the business.
Back up data
While working on their devices at home, your employees might no longer have access to online drives that are being regularly backed up by the IT team. Make sure your employees understand the importance of backing up their data and have access to proper online and offline backup tools. Cloud systems such as Microsoft Teams make this easy, with the added benefit of enabling access to documents and files wherever the employee logs in from.
Educate staff on IT basics
Home networks can be a risk to business, especially if staff are accessing confidential data or company intranets. Now’s a good time as any to educate teams on the basics of IT security, such as handling sensitive business data, managing passwords, being aware of the types of security threats and securing smart devices. Home routers that are not secure may not have been a problem for them previously, but if they are now being used for work traffic then they should be protected with the same level of security as your business network would have.
Look out for threats
Be vigilant about websites, spam emails and phishing scams.
Covid-related phishing scams have been the most common threat to companies with a homeworking set up. Phishing is when a scammer sends an email that looks as though it has come from a legitimate source with an aim to distribute malware, steal login credentials or money from victims. Make sure that employees are well aware of the kinds of phishing and malware links. Screening software can help weed out likely threats or suspicious messages, but ultimately human beings are the last line of defence.
Online meeting security
We’ve all become Zoom experts over the last few months, but people are still getting into mishaps with privacy and security. Some important tips if you want to avoid unwanted guests in your meetings are; do not publicly post meeting links to social media, use unique meeting codes so that your meeting is only available to those with that code, use a waiting room to manage participants joining prior to the host or rejoining after leaving the meeting, and disable file sharing, if you don’t need to use it.
Use strong passwords or, if possible, biometric authentication like your face or fingerprint to prevent malicious actors from stealing your credentials and identity. Wherever possible enable multi-factor authentication (MFA). This can add an extra layer of protection to passwords and stop hackers from accessing private information.
Use a trusted VPN
One of the top benefits of a Virtual Private Network is that it disguises your IP address so your activities can’t be tracked. It does this by sending you onto the internet with a masked IP address, so your identity, location, and online activities stay private on the web. It is also extremely difficult for hackers to compromise because it encrypts the data you send over the connection.
With awareness and these simple steps, you can better prepare yourself for this new normal of home and blended working. And as attacker methods evolve, it will help you to adapt and stay safe. At Aura Technology, we can help with implementing cybersecurity measures and our business continuity solution involves a bespoke disaster recovery plan should you be affected by Covid-19. Contact us for more information.