AJ Thompson is CCO at Northdoor plc
In the current climate, having a sizable amount of employees suddenly working remotely can be a major change for businesses and can present numerous problems with regards to cybersecurity.
Because people are not seeing each other in person, there is an increased need for two-factor authentication, monitoring access controls and creating strong passwords to protect your data and assets. Employees are now likely to receive far more emails and online requests and therefore this creates an increased risk of cyberattacks.
Many businesses may not have all the resources necessary to deal with these different types of scenarios, with a heightened sensitivity around the demands placed on IT departments.
Here at Northdoor our experienced team of experts can help you to keep your business and employees secure during remote working. See below for our top cyber security tips.
At Northdoor, we assess the most critical parts of your business that will be served by technology transformation, such as leveraging the cloud to quickly scale those critical operations while being extra cautious and limiting security risks. Shifting an entire business practice can take time and be a daunting task even for the tech-savvy, which is why having an experienced third-party IT consultancy on hand to help is crucial.
With many staff now working at home, away from the corporate network and very possibly using their own devices, businesses need to stay alert for phishing emails and to make sure that employees know how to recognise them and what to do if they receive one- such as only clicking on web links within emails that they are sure are authentic.
Cyber criminals often utilise common file types employees are used to seeing such as PDFs. Even though not every file extension can launch an attack, employees should treat all file extensions with scepticism. Business leaders need to be -aware of social engineering attacks, which have increased significantly as more people work from home. At the moment these attacks are especially effective, when attackers can capitalise on rapid change and confusion.
Even if your employees are taking basic precautions in securing their home WiFi networks, your business will still need to deploy a Virtual Private Network (VPN) to keep your operations secure, with software that creates an exclusive network from a public one. This allows employees to send and receive data or share it securely as the VPN acts as if your devices are directly connected to a private network. Therefore, devices connected by VPN run their apps with the functionality and security of that particular network. This is of crucial importance in protecting sensitive company data from cyber criminals.
An alternative to VPNs is Privileged Access Management (PAM) software solutions. They not only give your business control over who can access what, they can also help you detect threats and suspicious activity in every session. PAM is also responsible for granting access credentials centrally and prevents the misuse of software and hardware by limiting credentials.
With PAM, you can grant permissions to external collaborators even if you are using a VPN. At the same time, you can integrate the access control API to other security software. This makes it difficult for attackers to break into a network and gain access to your data.
Ransomware attacks are on the increase since business practices have been forced to change. Generally speaking, larger businesses have the collateral to either pay a ransom or security consultants to get their data back. However, for businesses this can be a real problem.
For small businesses having their data locked away in one place and considering the high ransom costs can be, could make the difference to whether or not you stay afloat.
As well as keeping data in the cloud small businesses need to conduct regular backups and store backup data in offline locations, which will help businesses recover quickly from potential cyber and ransomware attacks.
Considering the number of high-profile cyberattacks that we’ve seen in the last two months, it is vital that cybersecurity becomes a chief concern for all business leaders and their employees going forward. Implementing the right security best practices takes time, but in this period of uncertainty it is well worth it.
Read more: Automated Data Backup and Data Protection