In light of the COVID-19 pandemic, businesses are developing strategies and contingency plans to protect their staff and vulnerable members of our community by moving to a remote work or work from home setup.
With a rapid increase in technology and connectivity, every device, server and WiFi network accessed outside your usual business network is a new potential access point for hackers to exploit. As a large portion of the work force moves to a work from home basis, it is vital that business leaders establish strict policies and guidelines to remain vigilant and deal with the increased pressure on their cybersecurity risk management.
The following strategies can help you ensure that you have good cyber security measures in place to address the cyber threat:
- Actively review your business continuity plans and proactive procedures
- Issue security policy guidelines and rules to your entire team. There is an additional level of risk to ensure your team abide by all privacy, data security and confidentiality laws in handling personal information outside the office environment. This also includes the physical security of your employees’ homes to minimise the risk of information being accessed, used or modified by unauthorised parties.
- Set up a Virtual Private Network (VPN). A VPN system creates an encrypted tunnel that your internet traffic travels through so it can’t be seen by third parties. Ensure that these systems (and your firewalls) are also up to date.
- Require the use of encryption and WiFi Protected Access (WPA) to Secure networks. No WiFi network is completely secure, but those that private and password protected provide much more security than public WiFi networks offered by hotels and other public places.
- Password protect everything! Have a requirement for all users to create strong passwords that contain a combination of letters, numbers and special characters. Avoid using the same password across multiple devices or accounts and ensure that multi-factor authentication is turned on where possible.
- Maintain Anti-Virus and Anti-Malware Software. Remind employees to install and update adequate security software of all electronic devices that will be used to work remotely, including laptops and phones.
- Power down your devices when not in use. Computers aren’t accessible or susceptible to attack or intrusions when they are turned off
- Tighten your authorisations for financial processes and monetary transfers. With the projected increase in social engineering attempts, it is vital to ensure you have appropriate verification and authorisation steps in place.
- Back up everything. Ensure your data is backed up and encrypted where possible. Having secure backups in place can make all the difference in the event of a ransomware attack and interruption to your business
- Stay informed. Ensure your staff and key stakeholders are informed and educated in cyber security practices. The Australian Cyber Security Centre is an excellent resource to refer to regularly.
Your IT support provider can provide you with advice on how to implement these security measures and in the event that your business is the victim of a cyber breach, an adequate Cyber Liability Insurance Policy can help protect your business from the financial implications. Speak to an allinsure adviser to find out more.