Preventing cyber threats for employees working from home

Preventing Cyber Threats When Employees Are Working From Home

May 27, 2020

Share:

Keep Remote Employees Safe From Cyber Threats

The recent increase in employees working from home as a result of the COVID-19 pandemic brings with it an increased risk of cybersecurity threats.

With 25 per cent of Canadian organizations now going entirely remote and 85 per cent going remote with at least half of their workforce, it’s essential to keep up with appropriate cybersecurity measures.

Cyber Security Tips for Remote Employees

Take the following tips into consideration for your remote workforce:

  • Develop a remote work policy specifically for the pandemic. Consider developing a new, written work-from-home policy that goes into effect only during the current pandemic. This policy can account for all special considerations that are different from your original policy, which may need to be reverted back to once the pandemic ends.
  • Connect to a virtual private network (VPN) if possible. A VPN can provide a direct connection to the organization’s regular applications, similar to if the employee was connected directly to the organization’s network. VPN’s can hide the user’s IP address, encrypt data transfers in transit and mask the user’s location. If the organization already has a VPN, ensure that it can handle the extra bandwidth from the sudden influx of new remote users.
  • Ensure software is updated. All devices being used for work should be secured with up-to-date firewalls, antivirus, anti-malware and data encryption software.
  • Enforce basic cybersecurity practices. Reinforce the importance of basic cybersecurity practices, such as using strong passwords and connecting to a hot spot or encrypted web connection instead of public Wi-Fi.
  • Avoid using removable media. The use of removable media such as USBs, SD cards and discs may expose valuable resources to malware and virus replication, theft and hardware failure. Keep the use of removable media to an absolute minimum and never use it as the sole storage location of valuable data.
  • Limit employee access. Rather than allowing employees access to all programs and resources, grant them access to only the programs and resources that are essential to their duties.

Contact Excalibur Insurance Group for more information on promoting cybersecurity with a remote workforce.

Cyber Security Beyond Technology

Cyber security tends to be solely thought of as an IT issue that’s managed with technology-based solutions. However, it actually extends much further. In fact, the full spectrum of cyber security includes human resources, operations and finance. It’s important to manage cyber security holistically in order to ensure maximum cyber protection.

In particular, a study by IBM found that human error is the main cause of 95 per cent of cyber security breaches. Human error can be broken down into two types:

  • Skill-based errors include mistakes made while performing regular tasks. The person knows the right thing to do but makes a mistake due to being tired, distracted or due to a brief memory lapse.
  • Decision-based errors are due to lacking the required knowledge to do the right thing, being uninformed in a circumstance’s specific details or not understanding when inaction has consequence.

Fortunately, you can help reduce human error. Some best practices include educating employees on how they can impact cyber risk, preventing employees from having access to data or functionality not critical to their job, and enforcing strong password use and two-factor authentication.

Contact Excalibur Insurance Group for more information on reducing human error in cyber security.