The COVID-19 epidemic has forced many companies to close their offices and require employees to work from home. This is a necessary measure to contain the epidemic and save lives. Nevertheless, there is a trade-off - a decreased risk of coronavirus but a greater risk of computer virus, data breach, and malware.
Within an office there are typically security defenses to protect computer systems and data - gateways, behavior monitoring, encryption, anti-malware applications. A home computer may have less protection or may be poorly configured.
Cybersecurity Matters recommends steps for organizations to maintain their systems and data while employees are working remotely:
- Make it clear which clouds and applications are sanctioned for use. Provide a secure way for employees to access these applications.
- Provide employees with dedicated equipment (my laptop is reserved for work use; I have a separate computer for personal use).
- Enable multi-factor authentication for verification of user legitimacy.
- Establish a support hotline (or require that support issues be directed to a designated person).
- Use encryption.
- Provide security awareness training.
Here are additional tips for businesses:
- Speak to software as a service providers about their business continuity plans and assistance with disaster recovery.
- Provide refresher training to employees on cybersecurity.
- Include cyber incident response in COVID-19 response plan.
- Be able to communicate with employees if systems must be taken offline or passwords reset.
- Protect personal and confidential information.
While working remotely is probably not as efficient as being in the office, we can all benefit from attention to security.