The importance of cybersecurity during remote work
Cybersecurity – During the COVID-19 pandemic, many of us are entering uncharted territory as our companies operate fully remotely for the first time. Below, I hope to provide some information to make this time as easy and productive as possible for you.
During onboarding at my company, we tell employees that cybersecurity practices don’t end when we purchase a firewall or install endpoint security onto devices. Security is a culture. A breach can occur from seconds’ worth of negligence, crushing decades worth of a company’s reputation. According to a recent Verizon study, approximately 43% of cyberattacks targeted small to medium businesses, and the majority of those business closed doors within six months. These attacks will not be slowing down as more processes get taken to the cloud.
Build company awareness.
Groups are already trying to exploit the current pandemic situation. We are seeing a tremendous increase in coronavirus-related attempts via email (phishing). Attempts for password resets, account updates, billing disputes and favors for your executive team are inevitable through this time. Companies should be making employees aware of the signs in distinguishing these attempts (sender domain, threatening requests to create panic, poorly written).
• Differentiate leisure and business activities on devices, if possible. Keep your work data on your work devices.
• Don’t share your work devices with others. While the “I’m not concerned about my friend stealing our company data” statement will certainly be used, it’s not so much that concern but the unauthorized internet browsing and inadvertent uses that could open up the floodgates to exposing your company’s most valuable assets.
• Turn off ‘remember password’ functions. Always keep them off — not just during this pandemic. You just made a password that was 12 characters long and included three different special characters, and now you saved it right on your web browser for the browser and your computer to deal with securing that password. As mentioned below, encrypted solutions exist to secure this information for you for free (if you choose to go this route).
Educate. Train. Communicate. Repeat.
Creating policies for employees around how to communicate concerns and preparation should a breach be suspected is crucial. Your technical support points of contact are great resources for you to frequently reference for their expertise and advice. Below you will find some daily methods for ensuring your secure practices:
• Use encryption tools for sharing sensitive date — free tools are available. Should sensitive company data be shared remotely, it should be encrypted. Would you want your personal data shared on an unsecure spreadsheet? Additionally, free encryption tools can provide reliable security over documents and folders. Password management web browser extensions allow secure storing of passwords, login links and applicable information.
• Avoid using public Wi-Fi. Use your company’s VPN, or inquire with your tech team on how to get one. Don’t have either? Consider using a hotspot. While your web traffic is still unencrypted, it will still prevent the risks of sharing public Wi-Fi with strangers.
• Make sure your files are backed up at all times. Aside from cybersecurity policies, it’s important to save your files so they are backed up for accidental damages — kids are home from school running around the house, potentially eating and drinking next to your remote workspace, etc. While your files can likely be restored from device suffering liquid damage, it is challenging to do so during this time because your IT team is not in your house and many businesses are closed down.
• Take advantage of your endpoint security tool. Those systems exist for a reason and wouldn’t be in business if they didn’t serve a benefit. And don’t delay the “run scheduled full system scan now or delay 3 hours” message that you get. Use it.
Nastel has created a feed with some new information on COVID-19! Click here.
This article originally appeared on bizjournals.com To read the full article and see the images, click here.
Nastel Technologies uses machine learning to detect anomalies, behavior and sentiment, accelerate decisions, satisfy customers, innovate continuously. To answer business-centric questions and provide actionable guidance for decision-makers, Nastel’s AutoPilot® for Analytics fuses:
- Advanced predictive anomaly detection, Bayesian Classification and other machine learning algorithms
- Raw information handling and analytics speed
- End-to-end business transaction tracking that spans technologies, tiers, and organizations
- Intuitive, easy-to-use data visualizations and dashboards
Nastel Technologies is the global leader in Integration Infrastructure Management (i2M). It helps companies achieve flawless delivery of digital services powered by integration infrastructure by delivering tools for Middleware Management, Monitoring, Tracking, and Analytics to detect anomalies, accelerate decisions, and enable customers to constantly innovate, to answer business-centric questions, and provide actionable guidance for decision-makers. It is particularly focused on IBM MQ, Apache Kafka, Solace, TIBCO EMS, ACE/IIB and also supports RabbitMQ, ActiveMQ, Blockchain, IOT, DataPower, MFT, IBM Cloud Pak for Integration and many more.
The Nastel i2M Platform provides:
- Secure self-service configuration management with auditing for governance & compliance
- Message management for Application Development, Test, & Support
- Real-time performance monitoring, alerting, and remediation
- Business transaction tracking and IT message tracing
- AIOps and APM
- Automation for CI/CD DevOps
- Analytics for root cause analysis & Management Information (MI)
- Integration with ITSM/SIEM solutions including ServiceNow, Splunk, & AppDynamics