Working from home can leave our organization's IT network and systems vulnerable to cyber-attacks and data breaches. Since the pandemic began, phishing attacks have been on the rise, with some appearing to be from reputable sources and claiming to have relevant information regarding COVID-19. Those behind these phishing attacks hope to infiltrate your system with ransomware or steal credentials to get access to your organization's data.
It's not just on your computer you need to be vigilant, according to TechTarget, "certain Android applications claim to monitor COVID-19 systems or occurrences but contain spyware or other malware in disguise."
Cyber attacks and data breaches can have serious implications for your organization -downtime, financial implications, and a damaged reputation, to name a few. Therefore, you must ensure that your organization has processes and procedures in place to limit the risk of ransomware or a data breach.
The use of a VPN is essential to ensure the security of your organization when you are connected to Wi-Fi – whether that's a public Wi-Fi or personal. Using a secure VPN makes it very difficult for cybercriminals to infiltrate a laptop. It is also essential for organizations to test and ensure they have a strong enough infrastructure to support the majority of their workforce remotely working.
Public Wi-Fi can be easily targeted by cybercriminals. The remote working policy should state that public Wi-Fi (i.e. coffee shops or hotels) shouldn't be used for any sensitive business activities.
High profile global issues and crises are perfect fodder for hackers; using themes such as the coronavirus for phishing emails or other predatory techniques is prevalent.
All devices should have long passwords with multi-characters, two-step authentication processes, and different passwords for each system and logins.
Just as people are encouraged to protect their PIN when using a cash machine, employees should protect their passwords when logging into company systems. It is very easy for other people to eavesdrop on a conversation or take a discreet photo of sensitive company information.
Identify questions for the remote working space, such as:
All employees should be aware of the best practices of internet usage and the vulnerabilities of email. Refer to company policies for guidance on the types of communications that should and shouldn't be sent (i.e. do not send logins and passwords).
A USB port is an easy way of introducing malware to an organization's network. Whether a personal or work-issued USB, sensitive company data shouldn't be stored on a removable device.
If in doubt of any suspicious online activity via emails received, links, or pop-ups, seek expert advice.
Remember: If you experience an accidental data loss, discover your systems have been compromised by malware, or realize you're under attack from ransomware, call us. We have over 30 years of experience recovering data from all types of devices - laptops, servers, tablets, SSDs, and more - in our global labs and through our remote data recovery services.