The COVID-19 pandemic has fundamentally changed everyone’s lifestyle. This change has even applied to the way we work, as working from home remains the default option, even as Singapore transitions through Phase 3.
However, working from home presents its own unique challenges, with cybersecurity concerns becoming a major worry. As businesses and organisations rapidly deploy remote systems and networks to facilitate this work-from-home movement, hackers perceive remote working as a unique opportunity to exploit the increased security vulnerabilities to steal valuable company data and information.
As such, as your employees continue to work from home, it is vital for you to implement some basic cybersecurity measures to ensure your business is not vulnerable. Here are five practical tips you should share with your employees.
1. Choose strong passwords
Password management service Nordpass conducted a study titled “The misfortunate passwords of Fortune 500 companies”. The study found that about 20% of the passwords used by employees were either an exact spelling of their company’s name or a variation of it. Such weak passwords are one of the biggest reasons behind data breaches, making it easy for malicious hackers to bypass the company’s system.
Data breaches are costly. The average global costs of data breaches have been estimated to be around $3.86 million yearly. With employees now working from home, they are more vulnerable than ever to such cyberattacks without the guidance and support of their company’s IT department.
To protect your employees and the company while everyone continues to work remotely, you should ensure your employees use complex passwords that contain at least 12 characters and a combination of upper and lower-case letters, numbers, and symbols in a randomised order.
2. Always install new updates immediately.
Cybersecurity software developers are constantly introducing the latest updates to patch any vulnerabilities that hackers may have discovered. While these notifications can be annoying and distracting, clicking “ignore” will only cause further problems down the line as hackers can easily take advantage of existing loopholes.
You should advise your employees to exercise personal responsibility when telecommuting and to update their software whenever possible. If software updates are disruptive during working hours, employees can opt for scheduled updates when they are away from their laptops. These updates help eliminate any potential vulnerabilities and loopholes, so remind your employees to regularly update their work computers at home.
3. Don’t turn off VPN
As employees continue to work from home, digital communication has become the primary mode of communication for work matters. Be it emails or video calls, all forms of digital communication are vulnerable to eavesdropping and data leakage.
Virtual private networks (VPN) are the first line of defence against cyberattacks when working remotely. By routing all data and traffic through encryption software, IP addresses are hidden, and a private connection is established. The individual’s personal data is now hidden, allowing your employees to communicate safely.
VPNs also prevent data theft, so hackers cannot access sensitive information such as client data and financial statements. However, a VPN does not protect data transmitted outside of a cellular or wi-fi network, so remind your employees to be vigilant when answering text messages and phone calls as well.
4. Watch out for phishing scams.
Remote workers may be in the midst of adjusting to their new working routines, and levels of confusion and frustration may be spiking. Distracted workers are also more vulnerable as they are not in the right headspace, so remind your employees to be alert and sensitive to any phishing scams.
Phishing emails include dubious links and attachments that would disrupt workflows by unleashing malware and viruses. Remind your employees to check the domains and look out for any language errors to identify phishing emails. As a rule of thumb, advise your employees to always clarify any doubts with HR or the upper management, as it is better to be safe than sorry.
5. Keep devices separate
Personal devices are not subject to the company’s control, and they do not possess adequate security measures that are designed to protect the device’s data. Therefore, you should encourage your employees to utilise separate devices for work and personal use to minimise cybersecurity risk.
Without adequate protection and a lack of monitoring, there is a high risk of a data breach. Important documents and spreadsheets that hold sensitive, private information, such as corporate finances or details about upcoming projects, can be easily accessed by people outside of the company.
Employees do not have the support of IT personnel in a remote working environment, which only increases their risk of encountering a security breach. Therefore, they have to take the initiative and protect themselves against cybersecurity threats. These tips are practical and easy to implement in the comfort of everyone’s home, so do share them with your employees.
If you are looking to bolster your employees’ cybersecurity awareness and equip them with the latest knowledge, you can consider signing them up for the various cybersecurity training courses offered by BridgingMinds. For example, our CISSP training programmes specifically target security concerns and equip students with the necessary knowledge to design and implement a security programme. Do not hesitate to contact us at +65 6635 5590 if you are interested to learn more!