Telecommuting: Mitigating Cybersecurity Risks During COVID-19

With millions of Americans working from home due to the COVID-19 pandemic, businesses face another threat: cybersecurity breaches. While employees are trying to carry on their day-to-day responsibilities remotely, hackers are taking advantage of vulnerabilities for their own gain.

However, there are steps businesses can take to help protect themselves from cyber criminals. Here are a few:

1. Remain vigilant about phishing
While employees are distracted by COVID-19, cyber criminals are seizing the opportunity to prey on those who let their guard down. During this challenging time, CNET warns that hackers use crisis to their advantage, trying to scam people with malware disguised as an urgent request for valuable information.

Phishing emails and mobile apps may look legitimate—and even helpful—at first glance to some employees, but they’re anything but. In fact, the malware they may deliver may compound the problems many employers are facing right now. That’s why it’s important for organizations to provide their employees with training on how to spot a phishing attempt—and what to do when it happens.

2. Have clear policies
According to Forbes, it’s essential that employers have a comprehensive set of clear policies in place to protect their sensitive information, such as data and business processes. The same goes for company-issued computers, phones and other devices, both in the office and when they leave the premises.

Business leaders should ensure all employees have read and acknowledged these important company policies before they are allowed to work remotely.

3. Provide company-issued devices to employees
Likewise, the best way to ensure employees are adhering to cybersecurity policies is to provide them with the necessary equipment to do their jobs from home. This helps guarantee they are working on devices with built-in cybersecurity features, such as VPNs and anti-malware.

Employees should also be directed to never leave their equipment unattended in public, even if they have to step away for a moment at the corner coffee shop.

4. Keep current on software updates
CNET stresses how critical it is for employees to keep their software updated, even while working from home. In fact, it’s one of the most important measures a business can take to protect its assets from hacking.

That’s because these updates often include patches that fix security flaws—weaknesses that cyber criminals use to their advantage. It’s essential to push out updates for applications and operating systems—even routers—so your employees are working as securely as possible.  

5. Adopt two-factor authentication
Two-factor authentication offers an additional layer of protection if hackers get a hold of your usernames and passwords. That’s because with two-factor authentication, a user is required to enter a one-time code—often texted to the user’s phone or sent to a second email address—to log in from a new device. Without this code, hackers won’t be able to gain access to your systems, even if they know your usernames and passwords. 

6. Prepare for the worst
Like the Boy Scouts motto of always being prepared, IT organizations should be prepared in the event of a cyber breach or other IT-related emergency. Cyber insurance, like the coverage available from CopperPoint, provides valuable resources to prevent and respond to cyber breaches. In addition, a well-constructed crisis response plan includes protocol for businesses to follow, identifies who will be responsible for taking what action, and spells out a clear-cut communications strategy for dealing with stakeholders. The time for creating a plan is before, not during, a crisis.

By having a cybersecurity plan in place, businesses can feel confident that their remote employees are working safely and securely without putting their organization at risk.