During the COVID-19 crisis, none of us wants to get the virus or spread it to others. Thankfully, most of us are succeeding by following the right steps such as washing our hands and maintaining social distancing rules. Those of us who are able, are also working from home.
Of course, working from home brings its own risks. Unlike having your cat suddenly join your video conference call, data security is a risk that can’t be ignored. Cybercriminals can wreak havoc on your business, affect your credibility with customers and cost you thousands and thousands of dollars. Putting a plan together and taking the right steps to protect company assets is something many companies talk about doing but tend to put off until it’s too late.
With many businesses in a state of flux right now, cybercriminals view this crisis as an opportunity to exploit vulnerabilities. Here’s what IT teams and leaders should be doing to minimize those opportunities and keep criminals out.Endpoint Security Controls
In the early stages of COVID-19 lockdowns, many businesses put a priority on getting their employees up and running quickly and addressing security afterward. If you haven’t already provided endpoint security controls for your remote workers, you need to act quickly. And if you already have controls in place, you may want to increase your protection settings.
To provide secure access to your business network and block potential malware, companies should provide VPN clients and antivirus software. This is especially important for employees sharing their systems with family members. To take things a step further, you can look into asset and operations management tools to turn unmanaged home PCs into short-term managed corporate assets.
If you already have endpoint security in place, consider reconfiguring them for maximum protection everywhere. Many organizations don’t use maximum protection settings for fear of disrupting users with false positives or reduced performance. But many IT teams and security leaders are modifying this policy during the work-from-home boom. It’s better to be safe than sorry.Mobile Device Security
Many employees aren’t just using desktop computers at home. They may be using laptops or even tablets, smartphones and other devices to access company networks and data. Even if they’re using company-issued devices, mobile device security is a top priority.
This is another area where VPNs, software, and management tools can be critical. For example, companies such as Cisco, Fortinet, Sophos and others provide hardware solutions that you can ship to your employees. These kits are pre-configured to provide secure hard-wired and wireless business network access from virtually any device they may use.
An IT professional can configure one of these solutions in minutes, and they’re largely plug-in-play with easy instructions for end users to connect to their home Internet and connect their devices.Network Security
As VPN use has exploded during COVID-19, now is the time to make sure you have the right firewalls and gateway appliances in place. You may also want to consider a secure DNS service and implement a DNS Security Extensions (DNSSEC) protocol. This can help prevent DNS hijacking and man-in-the-middle attacks that exploit home users’ web activity.Multi-Factor Authentication (MFA)
Many organizations have not implemented multi-factor authentication procedures for user logins, whether they’re logging into networks, devices or business applications. But multi-factor authentication is one of the strongest protections against nearly all cyberattacks that rely on gaining unauthorized access to user accounts.
There are simple MFA solutions available including single sign-on solutions, mobile-app-based two-factor authentication and many others that can help you implement an MFA strategy without imposing cumbersome procedures on your remote workers. You can also deploy a solution and tweak your approach later.Lean on Your Trusted Partners
Adjusting to the new reality of COVID-19 and a massive shift toward remote work can easily be overwhelming. There are a lot of important considerations to consider ensuring IT and data security, and seeking the advice of an expert is always a smart approach.
Working with a trusted technology partner is a good first step. We’re all in this together, so now’s the time to reach out and get help from experts and partners who understand your business and can offer solutions and support to secure your systems and remote users.
It’s also something that you can largely do remotely, since expert advice is often just one phone call, email or click away.
At CNP we’re here to help! This is a difficult time, particularly for SMB’s, but we want you to know we are available to provide recommendations, support, strategy and answer your questions to keep your business moving forward and your employees and data safe. Reach out to us today to schedule a complimentary remote assessment to identify areas of your network that might need improvement.