Cyber Security still matters during a pandemic
As companies large and small try to adapt and survive in these uncertain times, it’s easy to put aside those everyday concerns that come with running a business.
But with most white collar workers being ordered to perform their daily tasks from home, and retailers becoming increasingly dependent on online sales and deliveries, strong, safe and reliable data networks are more crucial than ever.
This week, the National Law Review published a list of cybersecurity tips for companies whose employees are working from home during the Coronavirus pandemic. But the key message remains–in good times and in times of crisis, remain vigilant:– cyber security is not immune to COVID-19.
With that in mind, CEOs and IT managers should instruct workers to do the following:
● Keep confidential information confidential. Sensitive information, such as certain types of personal information (e.g., personnel records, medical records, financial records), that is stored on or sent to or from remote devices should be encrypted in transit and at rest on the device and on removable media used by the device.
● Train employees on how to detect and handle phishing attacks. There are an increasing number of Coronavirus-based phishing emails going around, preying on the health concerns of the public. These are effective means for criminals to access company data systems.
● Do not allow sharing of work computers and other devices.
● Virtual Private Networks (VPNs) ensure that internet traffic is encrypted, especially if connected to a public Wi-Fi network. If your company has one in place, make sure employees exclusively use the VPN.
● Company information should never be downloaded or saved to employees’ personal devices or cloud services, such as their personal Google Drive or Dropbox accounts.
● Require security software on employee devices and ensure that all versions are up to date with all necessary patches.
● “Remember password” functions should always be turned off when employees are logging into company information systems and applications from their personal devices.
● Implement and enforce two-factor or multi-factor authentication (MFA).
● Limit employee access to protected information to the minimum scope and duration needed to perform their duties.
● Consider Mobile Device Management (MDM) and Mobile Application Management (MAM). These solutions can help manage and secure mobile devices and applications.
As always, Net Compliance Solutions is there to assist with system testing, phishing awareness training, and regulatory compliance services. We will get through this together. Call us at (855) 879-2373 if we can be of help.