The COVID-19 pandemic has increased cybersecurity fears, and a number of new scams have arisen as a result. Here’s how to stay safe in lockdown.
Across the world, people have been locking down and staying at home to counteract the COVID-19 pandemic. However, the disease is not the only danger, and many businesses are finding themselves at risk of cybersecurity threats as their employees work from home.
A recent BBC article confirms this. IT managers and business owners are finding their companies bombarded with cyberattacks of all shapes and sizes. One computer network manager reported tens of attacks per week, including phishing scams, ransomware and even WhatsApp messages from scammers claiming to be the CEO and requesting money.
There are a number of risks caused by remote working, from unsecured devices to employees printing out sensitive documents and not shredding them. However, many of these issues can be dealt with. We’ve found that there are two main methods you can use to prevent cyberattacks: training employees on the risks, and providing them with the right equipment.
Roughly 20 per cent of remote workers haven’t received any training on data protection, GDPR or cybersecurity. This is a concern in itself, but there’s also the question of whether or not the training the other 80 per cent received was any good. After all, another ten per cent said they couldn’t remember whether they’d received training at all; not a good sign!
A lot of cyberattacks aren’t based on complicated technology or manipulating code; mostly, they involve tricking people into providing information. Phishing scams, for instance, often come in the form of an email from a familiar-looking email address asking you to look over a document.
Clicking on the document takes you to what looks like a sign-in page for Google Docs or something similar. However, logging in only provides the scammer with your password, which they can then use to access company data.
Stopping this type of scam requires training staff to be able to recognise it. We recommend KnowBe4, and we can help you to set this up and implement it. It uses simulated phishing attacks to test employees, so they get a chance to see what this type of cybercrime looks like.
Most employees are using their personal laptops to work from home, which can be a security risk, especially when 45 per cent haven’t received any extra training on how to keep these devices secure. A computer that is used for both work and personal activities is much more likely to pick up malware, and accessing both a work and a personal email account doubles the chance of scams.
Training is obviously one answer to this, but it may not be enough to protect a business’ network from already-compromised devices. Talking to the BBC, cyber-security specialist Ted Harrington said the best option is to “supply staff with laptops and other equipment that are owned, controlled and configured by the company".
This can be a significant cost, but you don’t have to buy new; we can provide refurbished laptops and endpoint management tools helping to ensure that your data is secure. If you need help with new devices or cybersecurity training, get in touch with us at firstname.lastname@example.org and see how we can keep your remote workers safe.