Many companies have been forced to work from home during the COVID-19 pandemic. Being able to quickly shift gears has allowed these businesses to maintain daily operations (at least to some extent) thanks to the prevalence and cost-effectiveness of today’s VoIP, Data, and Video technology.
But on the flip-side, this work-from-home shift poses new cyber-security risks that we want you to be aware of.
Think about it… at the office, you have hardware and software to prevent cyber-attacks. You also have cyber-security safety protocols in place to protect your data.
But your employees do not have the same level of network security in their homes.
And no, I am not suggesting that you go to the extreme of installing a firewall in every employee’s home – that’s not necessary. However, basic cyber-security practices are just as important, if not more, as we work from home.
Here’s an example:
Everyone knows to not open email messages from unknown senders, click on suspicious links, or to provide personal, company, or financial information online (unless it is absolutely necessary, and the request can be verified).
But guess what, people do… usually unsuspectingly, sometimes accidentally, and occasionally due to curiosity.
It doesn’t matter if this happens from your home or in the office. Wherever it happens, if it launches a malicious cyber-attack, it can be devastating and costly.
Here’s another example:
Everyone also knows to use long and strong passwords or phrases with upper and lower case letters, numbers, and special characters. And to not reuse the same passwords – at least on too many sites.
And yet again, people do, for any number of reasons. This too can cause a costly and debilitating data breach. Or at a minimum, a major inconvenience and waste of time.
So this month’s lesson is a reminder.
If you want to stay safe online – and why wouldn’t you – each and every one of us needs to remain vigilant and take extra precaution to protect our data and keep it secure. And this includes while working from home, in the office, or on the go on our mobile devices.
Here are some recommended best-practices to maintain:
- Change your passwords – Make them long and strong, and if you are going to use the same password on multiple sites (not recommended but all too common), do so sparingly; especially when sensitive data and financial info is a stake. Password managers may be an option to consider for network and mobile apps. And make sure to change your home router and Wi-Fi passwords too.
- Use an 8-digit PIN – For voice mail, use a minimum 8-digit PIN (and use Visual Voice Mail on your desktop or mobile app so you don’t have to enter it on the phone every time you access your messages).
- Beware of phishing and malware attacks – Remind your employees about the danger of opening email from unknown sources. And DO NOT click on embedded links or open file attachments. Intermedia’s Email Protection for Exchange provides a wealth of protection from spam, phishing, and URL filtering for added security.
- Enable two-factor authentication – 2FA adds an extra layer of protection, so you should enable this feature whenever possible. When you access a site, a unique code is sent by text, email, or call to verify authenticity. With 2FA, unauthorized access to your data can quickly and easily be stopped. Without 2FA, a hacker with a stolen password has unrestricted access to your information without your knowledge.
- Use a single-sign on service for all web logins – You can improve your Company’s security with Intermedia’s AppID, which includes 2FA and gives your business full control over all the cloud apps that your employees use, all in one place.
- Virtual private networks – some companies will establish secure VPN access, which limits the users or devices that can access the network.
- Unsubscribe to eliminate distractions – Minimize the volume of emails you receive by unsubscribing from known, legitimate sites. If you are unsure the validity of a message or sender, my recommendation would be to mark it as junk and delete it. The last thing you want to do is “red flag” your email address by unsubscribing, which will likely cause it to be sold on the Dark Web to other dubious sources.
- Don’t trust public Wi-Fi – It’s been 2 months that we’ve been sheltering in place and working from home. As restrictions loosen and we begin getting back to some kind of normal, resist the temptation to hop on free public Wi-Fi hotspots when you’re out. This includes coffee shops, airports, and public venues to mention a few. If you need Wi-Fi while you’re out, tether to your smartphone.
- Avoid COVID-19 scams – Scammers are preying on fears surrounding the Coronavirus pandemic. There are plenty of reputable organizations that are going above and beyond during these challenging times. Just be aware of messages about a supposed cure, requests for donations, or special deals on medical equipment that ask for personal information and money. Treat ads and pop-ups with tremendous scrutiny.
- Use common sense – As with just about anything, technical or not, good judgment and common sense always prevail. If you are not sure about the validity of an email, call the sender. Or just delete the message and move on.
When you implement a few easy to incorporate best practices, you go a long way to protecting your online identity and keeping your personal information safe. And this will ultimately help to keep your Company’s data secure.
Are you at risk, or concerned?
Contact us if you have questions.
Be well and stay safe!