Worker learns about cybersecurity plan

April 21, 2020

Cybersecurity Tips for Remote Workers During COVID-19

Cybersecurity Tips for Remote Workers During COVID-19

Cybersecurity, once considered an issue for Fortune 500 corporations and government agencies only, is now an immediate concern for people and businesses of all sizes as they adapt to the crisis around COVID-19.

On April 8, in response to the sudden increase in teleworking and the vulnerability of online services, the United States Department of Homeland Security published an official report on how cybercriminals and advanced persistent threat groups can target your employees with ransomware and malware.

Still, many companies are not doing enough to shield themselves and their customers against harm from hackers.

Below are five ways you can help protect yourself and your company against increased cybersecurity threats relating to coronavirus.

Educate Your Employees

To start, privacy is key for remote workers who communicate exclusively online for long stretches of time. General best practices can include:

  • the use of headphones when discussing sensitive information. This way, you remain in control of your environment.

  • the use of designated emails when conducting business. An employee should never use personal email accounts, which are significantly less secure in most cases, for business purposes.

  • locking your computer whenever you walk away. This is a good habit to adopt even in the best of times.

With malicious cyber activity relating to COVID-19, however, the education can be more specific.

Not all of your employees are equally aware of what constitutes a hacking threat, but you can tell them to avoid:

  • registering any domain name that contains words related to coronavirus.

  • downloading any apps marketing themselves as coronavirus outbreak trackers.

  • opening an email with coronavirus or COVID-19 in the subject line. This type of email could fall under one of many phishing scams.

If a phishing event has previously happened within the company, develop a process to share the email details — what did the email want and who did it appear to have come from — with employees who could be affected now and in the future.

If you suspect an email you've received is out of the norm in any way, simply verify it with a second source. Give the person a call, or talk to them in person to confirm that they sent the original communication.

Providing employees with awareness of these types of tactics and the knowledge they need to handle the situation can help you avoid cyberattack attempts at any time, not just during a crisis.

Companies also should consider implementing processes that allow employees to report suspicious emails and hosting a remote training program to educate employees on cybersecurity.

Use Software to Prepare for Cyberthreats

Top-of-the-line security software, including firewalls, network breach detection utilities and anti-virus and malware protection, is indispensable as a shield against cyberthreats.

To thwart the sophisticated cyberactors involving COVID-19, however, organizations must work fast to ensure their software can keep up with the quickly evolving threats.

Improve your cybersecurity profile immediately by:

  • installing anti-virus software.

  • NOT installing multiple anti-virus programs. Most products cannot run when another product is installed.

  • securing your wireless network, which includes home networks and all wireless devices.

Update Passwords Now, and Update Them Frequently

Proper password protection also plays a key role in system security.

No one prefers to constantly update and memorize lengthy new passwords, but communicating to your employees the importance of changing your passwords now and frequently is one of the best ways to protect any business against cyberthreats.

Your remote workers need to create complex passwords that do not contain personal pieces of information, like street numbers and birthdates.

It also is critical that teams never share a password, which could provide cybercriminals easy access to sensitive data.

In fact, research shows people who are even a little more secure with passwords are able to thwart numerous cyberincidents more times than not.

Put A Cybersecurity Plan in Place

While prevention is always the goal, it's vital to have a detailed plan in place for staff and management who are working from home. This way, there is protocol in the event of a successful cyberstrike.

For smaller companies with fewer staff and less complex IT systems, note even a simple preparedness plan is helpful.

For example, your plan can be as straightforward as a one-page document that tells employees which company member oversees shutting down the organization's critical infrastructure.

You also can communicate which third-party experts to call if a network is compromised.

Practice Cyberattack Drills From Home

Of course, while a plan is an excellent start, in a real-world incident, a strategy is only successful if it can be properly implemented as quickly as possible.

In general, businesses of all sizes should conduct organization-wide incident response training once or twice a year.

However, since COVID-19 has sent everyone home, companies around the world have been practicing all types of drills with their remote employees. See how they're done here.

This article is for general information and education only. It is provided as a courtesy to the clients and friends of City National Bank (City National). City National does not warrant that it is accurate or complete. Opinions expressed and estimates or projections given are those of the authors or persons quoted as of the date of the article with no obligation to update or notify of inaccuracy or change. This article may not be reproduced, distributed or further published by any person without the written consent of City National. Please cite source when quoting.