On 11 March 2020, the World Health Organisation (WHO) announced COVID-19 as a global pandemic due to the severity of its outbreak and spread. The alarming rate of spread has caused many countries and organisations to adopt urgent and aggressive measures to suppress the spread of the virus. One of the life-changing measures would be the shift in work culture from traditional office to home office in order to flatten the curve.
Amidst all the chaos and disruption, cyber hackers saw a silver lining in this Black Swan event. As the coronavirus pandemic persists, a day at home office now looks like a series of video conferencing, emails and many other virtual collaboration tools. Our heightened dependency on digital infrastructure instantly exposes the organisation's vulnerability to hackers. According to Absolute 2019 Global Endpoint Security Trend Report, 42 percent of endpoints are unprotected at any given time. In other words, it is strategically wise for hackers to shift their focus to capitalise on remote work environments with new phishing strategies. Right now, it is extremely crucial for organisations to ensure corporate security and that every endpoint being used, is fully protected from exploitation.
Simply put, the unprecedented reliance on the internet today for effective business communication has made robust Cyber Security measures more important than ever.
Step up your Network Security
Working from home typically meant working on personal devices which lack internal safety measures and protection. This puts your organisation in a high-risk position where you are vulnerable to cyber attacks.
Remote working could be the future as we harness on the power of technology, however, effective remote working starts with addressing security concerns with a practical approach and here are some items that your IT Risk Management policy should contain to cultivate a confidentiality culture.
1. Authorised tools
Ensure all employees have the tools they require to be productive as they manage confidential information.
More specifically, the tools that they are using should be authorised corporate devices with updated anti-malware software to prevent malicious attacks. Using unauthorised devices may cause your confidential data to be leaked, as you are unaware of the existing malwares in your personal devices.
2. Manage network security
Utilsing an authorised tool is often insufficient alone in guarding your organisation from malicious traffic as they can bypass the security software through a poorly configured network connection. Some leading global companies like Alibaba are using their own software, Alilang, to manage network and device security.
But to implement stronger network security in home office environments can also be as simple as mandating awareness training to educate your employee on the importance of having a strong wifi password, cyber risk awareness and an active system firewall.
3. Vigilant verification
Remote work means more virtual communications and collaboration which puts your organisation at a higher risk of receiving phishing emails.
When working remotely, employees should ensure that software installed and links that they have been redirected to are secure and from a trusted source. Always be aware of the senders email address, especially when emails seem "phishy."