It’s nearly impossible to predict when the pandemic will subside and allow for most workers to return to their offices. Until then, many of us will be working remotely in safe spaces or from home.
Unfortunately, working in this way creates opportunities for cyber-criminals. Yet there are things we can do to protect ourselves as we adjust to our new remote working conditions.
With so many staff members working remotely, companies have to ramp up their vigilance against cyber-attacks, says Juan Mack, IT manager for Matrix Integration, an IT solutions provider for more than 1,000 businesses and schools in Indiana, Kentucky and beyond. The company sent out a cyber-security checklist for those who might be new to working remotely.
“When you’re in an office and protected by network-wide security systems, you’re in a safe bubble,” Mack says in a prepared statement. “When you’re working remotely some of those safeguards go away, so you have less protection from malicious sites or emails. It becomes even more important not to get distracted or click on links that might cause you or your company harm.”
The cyber-criminals are focused on stealing money and personal information “but their message has changed,” according to Matrix Integration. “People should expect to see links to false Coronavirus websites, fake requests for donations, and even phony emails from health and insurance companies.”
To help remote workers cope, the vendor has put together a list of the “Top Five Cyber-Security Tips” to keep in mind during the Coronavirus pandemic.
- “Have a secure connection. Free or unknown Wi-Fi sources may be operated by cyber-criminals who can easily steal the data users’ transmit while on their networks. People should not connect to wireless networks that aren’t recognized, especially those with ‘free’ in the name or those defined as an ‘unsecured computer-to-computer network;’ ”
- “Get information from the source. Don’t trust or click on links — whether in an email or online — that promise to take you to Coronavirus updates. Instead, go directly to websites run by individual cities, states and school districts, or national organizations like the CDC;”
- “Beware of multiple modalities. Criminals are using a variety of means to make inroads with victims. In addition to emails and false websites, never give personal information over the phone, by text or through a mobile app.”
- “Share information within the company. Any suspicious or malicious emails or sites should be shared with company IT managers. They can alert others of the scam or stop it from going further.”
- And “Share information at home. With other family members and children working from home at the same time, have a discussion about potential threats and how to handle them.”
In addition, a remote workforce should “send companywide communication to employees with direct links to remote working resources, including email and file-sharing locations,” according to Matrix Integration. “Instate or enforce multi-factor authentication (MFA) protocols — this means that employees will need more than one password or code to access corporate resources, such as their online password and then a code sent to their phone.”
The vendor also urges companies to keep “sending regular reminders to employees about online security — but keep messages short and cover just one subject. For example, one email might provide an example of a current phishing scam. Another might contain a short employee video.”
The Jasper, Indiana-based Matrix Integration serves many sectors including financial services and offers support for network segmentation; network access control (NAC); software-defined wide area networks (SD-WANs); business continuity and disaster recovery; compliance; and professional services.