When it comes to securing a company’s network, it’s a fulltime job at the best of times. With the current COVID-19 pandemic, organizations need to extend those protections to their employees who work from home. Cyberattacks were already on the rise over the last few years and the current climate gives hackers and bad actors the perfect cover. The number of phishing emails increased by 600% since the end of February 2020, although only 2% of those references the pandemic directly.
Hackers are intelligent enough to know that while people work from home, they are more susceptible to falling for an attack. Once the hacker gains access to the computer, they deploy more code that can spread, eventually infiltrating the company network. To ensure the company doesn’t fall prey to these phishing attacks, they need to follow the cybersecurity best practices for remote working.
5 Cybersecurity Best Practices for Working Remotely
If the company doesn’t take the necessary precautions, it could expose them to several risks. Ransomware can devastate a business, while data loss or theft can lead to civil and criminal liability. Organizations must follow the best practices to keep their networks and data secure, especially when employees work from home.
1. Establish a Work-From-Home Security Policy
Start by defining a policy for workers who are logging in to company systems from home. All computers should ideally have antivirus and an active firewall on the computer. These come standard in Windows 10. The employees should also regularly update their computer’s Operating System (OS) and applications with software patches as they become available. This may also be necessary if the employee uses a home office printer.
2. Educate Staff on the Dangers of Working from Home
Employees may be less diligent when working from home. If they are using their home PC, they may have two different email accounts linked to the same client. A phishing attack on the personal account could then spread and infect the company network. Staff should never open an email or attachment from an unknown sender. If they receive the email on a business account, immediately inform the company’s IT department.
3. Add Additional Security for Remote Access
If the company is familiar with remote workers, they’ll already have a Virtual Private Network (VPN) for remote access. A VPN encrypts the information during transmission and requires a second level of authentication before a user can gain access to the company network. If the employees need to access specific applications, ensure they can only do so via a VPN connection.
4. Separate Home and Work Devices Including Software
A Bring Your Own Device (BYOD) policy can make staff more productive but could also put the company’s network at risk. When employees have to work from home, they shouldn’t use home computers for work. Home PCs have many third-party applications that the company hasn’t vetted as safe. Instead, give employees a company laptop that has a specific OS image preconfigured with the software they’ll need to do their jobs.
5. Put Verification Protocols in Place
Set up a protocol for employees to verify information when they are unsure. They can call someone or use an Instant Messaging app to contact a person or department before making a mistake. There’s been a rise in cyberattacks from hackers impersonating CEOs over the last few months.
How Remote Employees Can Recover from a Successful Phishing Email Attack
The best cure is prevention. Remote workers should schedule regular antivirus scans on their computers and update the threat definitions every day. If the antivirus has network and device security enabled, it should pick up any suspicious attempts trying to make changes to the computer.
Phishing emails may circumvent the above and still succeed in infecting the computer. Once an employee realizes they’ve experienced a breach, they need to disconnect their device from the network. Remove the LAN cable or disable the Wi-Fi adapter on the computer. Run a detailed scan on the PC to see if the antivirus can detect and quarantine the malicious code.
The employee should also inform the IT or network security department so they can start checking company logs for any suspicious activity. If the employee divulged their company credentials, the IT department should suspend the account immediately. Once the employee removes the malware from their PC, they should also verify the malware didn’t compromise any other personal information.
Keep Remote Workers Productive and Secure with Cartridge World
Cartridge World can help organizations establish a safe and reliable work-from-home printing environment. Keeping remote workers productive and the company network safe requires constant vigilance, as cybercriminals will use the public’s current fears to launch a successful attack. We provide Managed Print Services and have a range of safe and secure Multifunction Devices (MFDs) for the home office. For more information about printers that come with enhanced cybersecurity or how you can prevent a phishing email from tricking your remote workers, contact Cartridge World today.