It is no secret that COVID-19 continues to affect the world in a multitude of unforeseen ways. Cybercriminals are thriving in an environment where many people are working from home. Whether impersonating government organizations, collections agencies or phishing, many have fallen victim to cybercrime.
During the United States’ original proposed re-opening week, Google reported over 18 million phishing and malware scams in just one day according to a report in The Verge. These programs prompt individuals to download programs, click external links from emails or donate funds and endanger private data and information.
What’s more, a recent report in SkyNews showed that Coronavirus fraud victims have lost more than £4.6m to virus-related scams.
Taking Preventative Measures
Due to the increase in cybercrime, businesses must take preventative measures to ensure the safety and privacy of their data, information systems and digital platforms as usage expands. Business models are changing from in-house servers and hardwired desktops to cloud-based and mobile solutions. This shift in business operations puts companies in a more vulnerable state as they face an entirely new reality. Remote access solutions should be continually patched to ensure they are protected from software vulnerabilities during this time. Business continuity is nearly impossible without the adoption of online mediums, but the fundamental change comes from cyber risk as well.
Internal Security Monitoring Systems
As many companies continue to work from home, it’s important that they tighten their security protocols as the workforce adapts to a remote learning and working environment. Companies should consider utilizing endpoint monitoring of their existing computer software. This software can track every device in the organization’s computer systems, including servers and laptops. The software allows for a virtual desktop to be accessed remotely in the event of a data breach or compromised computer, making it easier to respond to potential risks and vulnerabilities. The virtual desktop is monitored by a third-party, making it more difficult for hackers to access secure files, resulting in stronger cyber security standards while minimizing risk.
In today’s current new landscape, password and log-in protection prove even more instrumental to company security, especially with increasing usage of online servers for daily tasks. Multi-factor authentication is one technique that allows for an added layer of protection from data breaches and impersonation attempts. Multi-factor authentication demands that a computer user present two or more pieces of evidence to an authentication mechanism before the grant of site or account access. While this may seem customary to many sites that are consumer-facing, implementing this technology with a company’s internal systems can add a significant layer of protection when working in a remote environment. Companies can work confidently by ensuring that multi-factor authentication solutions are fully integrated into company policy and practice.
Additionally, asking employees to review cybersecurity guidelines allows executives to reinforce employment standards from home. Educating employees on password policies, how to handle suspicious emails, data sharing, and public Wi-Fi network risks are equally important.
Implementing Privacy Policies for External Communications
Privacy policies are increasingly important for businesses that may have a customer-facing audience. When companies partner with businesses in merged or joint ventures, and work with external vendors, privacy policies need to be updated to reflect the ongoing processing activities and collections of personal data. Updating and reviewing privacy policies of new or joined websites might just save companies from compromising situations. Companies must be transparent with the ways in which they collect, store, and use the personal data of their customers.
Not only is it important for businesses to be transparent about their privacy policies and operations, but it’s just as important for them to educate their customers on any cyber security issues they are aware of internally. For example, if a company becomes aware of a phishing scam that is utilizing the brand’s name or likeness, it would be in the brand’s best interest to contact their customers as soon as possible to avoid any situations that may put the brand reputation at risk.
If there is one lesson that many businesses have learned so far, it’s that emergency situations like COVID-19 highlights many of the cybersecurity shortcomings and problems in existing strategies and policies. An underestimation of cybersecurity risks can be detrimental to businesses as hackers and cybercriminals recognize opportunity and vulnerabilities with people working from home.
The implementation of cybersecurity tactics is crucial in ensuring a safe, remote-working environment. The shifting nature of today’s workforce presents the perfect opportunity to review existing security protocols and policies and allows for education that will lead employees and customers to a higher understanding of cybersecurity. It allows businesses to implement cybersecurity systems and technological advancements into their diurnal functions. Revisiting policies and technologies ensure a safer transition for businesses as they adapt to working remotely.
Erica Olson is a cyber-defense market insight associate for Merit Mile Research, a division of integrated communications company.