More People Work From Home – And That Could Be Trouble
Times have changed, and more and more people are having their employees work from home. Some of these changes have been forced, while others simply made sense for that particular business or employee.
In some ways, this is great news. It frees up businesses to be more agile, to focus on productivity instead of just counting hours and gets rid of the biggest reason for tardiness – traffic.
But there are very real challenges that come with working from home. And one of the largest is the threat of someone hacking your employees or your company.
Anytime an employee uses a computer at home to access company data, you are at risk. They are often only protected by the most basic defenses and usually have the logins and passwords to access the most valuable information you have.
So what can you do to protect your employees and, most importantly, your business from cyber attacks?
Wouldn’t you know I happen to know a hacker in real life. Sure, he’s paid as a “security expert,” but he knows about cyber attacks and how to stop them.
Let’s dig into his recommendations and find out how you can be safer than ever.
TIP: Check out the VERY IMPORTANT LINK REGARDING COVID-19 HACKS at the end of this blog!
Work From Home Cyber Security
Right now, your employees have a basic cyber security set up at home. They need more.
Unlike what you’ve seen in the movies, I’m not talking about advanced firewalls, flashy graphics of cascading code or a secret basement of machines and do-dads.
I’m talking about simple steps you can take to make sure your employees are better protected from threats.
As I said before, my real life neighbor is an honest-to-God cyber security expert that works for a digital security company.
Here are his extensive notes on how to protect your employees and your business from threats online.
- Keep personal and work activities separate – Don’t browse personal websites from work computers, save work data on personal computers, or try and force your way into a work website or app that you can’t get into without permission.
- Promptly apply updates to your operating system and any other software that you have on your personal devices that you are using for work.
- Make sure to use antivirus software on your personal devices.
- Enable firewalls on both your computer and your home wireless router. If you purchased your own router, check for software or firmware updates.
- Use strong wireless encryption, like WPA, on your router or access point. Set a strong password, the longer the better. Try to store it in your password manager.
- Avoid using public wifi. If you have to use one (at a coffee shop for example), ask your employer if they can offer a VPN service to help secure your connection.
Passwords are vital. My friend has an entire line of tips based just on creating “strong identification.”
- Create unique passwords for every service where you have a login. Do not reuse passwords. Especially don’t use the same passwords for work and personal accounts.
- Use stronger passwords – the longer the better. Use a sentence you can remember, or better yet random words. You can use spaces and punctuation to make passphrase more natural to remember, which also increases the strength of the passphrase.
- Use a password manager, like Lastpass or Dashlane. It will help manage your passwords and help create stronger passphrase.
- Use multi-factor authentication where possible. Many sites offer the ability to use Google Authenticator, Microsoft Authenticator, and the like.
- Use a service like https://haveibeenpwned.com/ to periodically check to see if your account has been listed in a known data breach. If your work account appears there, notify your IT/Security department or manager.
He also has a couple of best practices tips to make sure you help your staff avoid dangerous situations.
- Stay vigilant when browsing the web reading your email.
- Don’t click on any links, especially in your email, that look suspicious. Report them to your IT department or manager.
- Pay attention to any messages that pop up on your screen. Read them and think before you click. Consider installing a popup blocker.
- Don’t forget to turn your camera and microphone off after an online meeting.
- Keep in mind there may be integrated microphones not only in your headset, but also in webcams and some monitors.
- Back up your data and make sure to back up data that employees take home.
- Don’t give private information or company information to websites you don’t know and/or trust.
- Check your social media privacy settings and know what you are sharing.
- If you download a free app, keep in mind that there is a good chance you are sharing your data.
Wow! That is a ton of information. If you’re like me, you’re already sweating over a few of these tips.
And you’ll probably need to read them again, or better yet copy them into a document and share them with your leadership team.
After you’ve digested that a bit, let’s look at the last piece of information you should think about regarding your cyber security.
Cyber Liability Protection
I’ve written about this coverage before, but it is more important than ever – especially if you have work from home employees.
You may wonder why we should talk about this after straight-up cyber security. Why talk about how to recover from an attack rather than how to avoid one?
The simple reason is that this is just the way the math works. As I’ve written about before here, there are over 4,000 ransomware attacks a day.
And that was before this massive shift to work from home.
Estimates are that the average attack in 2020 will cost $150 million dollars, because not only could you face direct damages to your business, but hackers could access the real gold mine – customer data.
And customers will sue you to protect themselves.
Cyber Liability helps keep you safe and get you back to where you were before an attack occurred.
It helps pay for things like Business Disruption, Legal Costs, Financial Loss, Loss of Customers, and even Regulatory Fines.
So if your employees do click the wrong link in an email, have their password stolen, or simply get hacked and have your main systems hijacked, you will be restored after the fallout.
CLICK HERE TO SEE THE DEPARTMENT OF HOMELAND SECURITY’S COVID-19 CYBERSECURITY WARNING
Protect Your Business. And Get Protected.
Cyber security is more important than ever. With so many employees working from home, you have to make sure your business is protected in ways new and old.
So follow the best practices that our hacker/security expert told us about, and get Cyber Liability insurance in case something does happen despite your best efforts.
If you’re unsure if you need cyber liability, or want a quote on what it would cost for your business to be protected, call us or fill out the form below and use our FREE PERSONAL INSURANCE CHECKLIST.
Because the last thing you want to be is a “What I wished I had done differently,” story.