Although some individuals are pushing to reopen the economy this month, most professionals agree that the coronavirus pandemic is far from over. New cases continue to crop up, and the death toll continues to rise. As reported by Business Insider, Dr. Anthony Fauci, America’s top infectious disease expert, says a second wave is inevitable – and that going back to business as usual too soon could be a grave error.
In the meantime, as businesses continue to struggle with the concept of a fully-distributed workforce as the new normal, cybercriminals are seizing upon the fear, uncertainty, and chaos created by the virus to great effect. In April, security firm Trend Micro reported that COVID-19 is being used in campaigns including phishing, spam, ransomware, and malicious domains. Earlier that same month, business publication Fortune noted that hackers have been disproportionately targeting hospitals and labs working on the coronavirus with ransomware.
If you think your own business isn’t at risk from such attacks because it’s a smaller organization, you haven’t been paying attention.
Nearly 43 percent of all cyberattacks target small businesses. Moreover, the fact that opportunists are jumping on anxieties about COVID-19 means organizations with remote staff are particularly susceptible to their predations, no matter the size. With these facts in mind, you need to take the necessary precautions to protect yourself. Here’s how you can.
Stay Proactive In Your Approach
The coronavirus pandemic this month looks very different from it did last month, and last month it had evolved from what it was a month before. It’s a global situation that’s constantly evolving as people, businesses, and governments alike grapple with a set of unprecedented, continually-shifting challenges. The best thing you as a leader can do is stay on top of what’s happening.
Pay attention to the news so that you know the latest updates about COVID-19. Follow cybersecurity agencies so you know what new tricks hackers are trying. And for the love of all that is holy, stay on top of your software updates, and take steps to ensure that your employees do the same.
Emphasize Better Employee Training
Carelessness and ignorance are your greatest enemies, particularly in a distributed workplace. Your employees are now all working from home, and many of them – whether you want them to or not – will be doing so from personal devices. Your first step in mitigating the risks posed by this style of work is to train them.
Coach them in mindfulness, and teach them to recognize and avoid the warning signs that often accompany phishing attempts and malicious software. Establish for them a baseline of security to which they must adhere, and explain to them why it’s important that they follow your guidelines. Don’t just emphasize that doing so will keep your own data safe.
Explain to them that they’re safeguarding their own systems and protecting their own privacy, as well.
When an employee receives an email, their first step should be to hover over every link and attachment the email contains to see further details about them. Their second step should be to contact the colleague that sent it and confirm that it was, indeed, sent by them. Their third step, if they still suspect the email is malicious, should be to notify your IT department.
You should also emphasize that employees must never give out their credentials, even if they’re asked for them by someone who seems authoritative.
Brainstorm A Remote Communication Framework
One of the biggest dangers of COVID-19, believe it or not, is found in social isolation. Many of your employees aren’t going to be used to working from home, and if there is a shelter-in-place advisory in your city, they may end up grappling with immense loneliness which could exacerbate underlying mental health concerns. Moreover, the concept of a work-life balance is significantly more difficult to grasp without a clear separation between the home and the workplace.
With that in mind, it’s important that you have a framework in place that not only keeps everyone in contact with one another but also provides employees with support if their mental health is suffering due to the pandemic. Understand also that traditional working hours are not necessarily relevant in a distributed workplace. As long as projects are done on time and to the necessary standard of quality, it doesn’t much matter when the work happens.
Deploy a Virtual Private Network
If your employees require access to corporate assets on your servers, you have two options. First, you can provide them with a VPN and a secure tunnel. Alternatively, you might use a virtual desktop application or cloud infrastructure to digitize the necessary resources.
Either way, the important thing is to provide your staff with simple and streamlined access to the resources they need to do their jobs and to do so in a way that doesn’t put those resources at risk.
Use File-Centric Security Software
In recent years, the traditional security perimeter has already grown remarkably porous. We live in an era of constant connectivity and mobility, a world where anyone can feasibly work from anywhere. In such a world, it’s not unreasonable to expect that sensitive documents will be freely shared between colleagues and partners.
It is unreasonable to allow that sharing to continue without having some sort of digital rights management technology in place to protect those documents. File-centric security is non-negotiable in a distributed workplace.
Again, though. Just as with your VPN, you’ll want to implement your security in such a way that it does not interfere with or impede employee workflows. If people find your file security solution frustrating or cumbersome, they will circumvent it.
Stay Informed. Stay Secure. Stay Safe.
From a business and cybersecurity standpoint, COVID-19 represents a host of completely unprecedented challenges. But they are not insurmountable. By understanding the current security landscape and keeping a close eye on the developing pandemic, you can take the necessary precautions to keep both your business and your workers safe, secure, and productive.
About the Author:
Tim manages the operations of Liberty Center One and One Cloud Services, a leading regional provider of IT Solutions focused on the needs of enterprises looking for high availability infrastructure and services. Tim has a demonstrated history of success in the information technology and services industry.
Liberty Center One and One Cloud Services, a leading regional provider of IT Solutions focused on the needs of enterprises looking for high availability infrastructure and services. Tim has a demonstrated history of success in the information technology and services industry.