Optimising cybersecurity for remote workforces

During 2020, the need to suddenly shift to remote working left many companies little time to prepare for the transition. Hackers used this as an opportunity to profit from unprotected networks, and cyberattacks have spiked since the start of the pandemic.

There’s no denying that there are advantages and disadvantages of working from home (WFH). Workers can skip traffic and join a conference call in their comfy pyjama bottoms, but may feel distracted and alone.

Whether you love or hate it, smart working has allowed thousands of companies to protect their employees’ health while remaining operative. Unfortunately, COVID-19 is not the only virus they need to worry about.

No furlough for hackers

How to protect against cyber attacks

The shift to remote working has massively increased hackers’ potential attack surfaces. This gave them more opportunities to compromise a business’s security system. A survey conducted by Malwarebytes showed that since the start of the pandemic, 20 percent of respondents organisations experienced security breaches.

Unprotected systems used by remote workers were the cause of these. With a further 24 percent of them facing unexpected expenses as a consequence.

Security organisations in the UK and US have warned corporations that working from home is causing an increase in malware.

It is not only the smaller companies with insufficient protection that cyber hackers target. For example, attackers targeted NHS employees with more than 40,000 spam and phishing attempts between March and July 2020.

Despite this, the Malwarebytes poll found that most respondents overestimated their remote readiness and underestimated the consequences of serious security holes.

Stay safe

In this context, organisations need to pinpoint areas of their IT systems that might need increased protection. Alongside this, they need to train their remote workforce to be on guard against possible cyberthreats.

For example, using personal laptops and home computers instead of corporate devices might increase the risk of cyberattacks. Personal computers don’t offer the same protection as corporate ones. Organisations cannot know what antivirus their employees are using on their PCs, or even whether they are using one at all.

Most of the time, personal devices also lack services such as customised firewalls and automatic backup tools. These might allow employees to recover data in the event of a successful cyberattack. Providing laptops to all employees may be expensive, but it could save money in the future by avoiding repeated attacks.

Home WiFi networks can also be entry points for malicious software. Compared to corporate networks, those set up for personal use might have weaker protocols, such as WEP instead of WPA-2. Training your employees on how to evaluate and improve the security of their home networks may be beneficial.

It’s also important to warn employees against using unsecured free WiFi networks in public spaces. Hackers are famous for spying on internet traffic that flows through these networks. This is in the hopes of identifying confidential data. If revealed, it might lead to very serious financial and reputational damage for companies.

Keep it private

Advantages Of Virtual Private Network

Many remote workers use a virtual private network (VPN) as a way to protect their online privacy. This is a good choice, as VPNs encrypt internet traffic and make it cryptic to third parties who might intercept it.

However, VPNs are not risk-free, and hackers can target them to gain access to corporate networks. If you’re using a VPN, make sure to add an extra security layer by choosing the right protocol. For example, you can switch from PPTP to OpenVPN, which guarantees maximum privacy.

Another tool to protect your sensitive information is, of course, the use of strong passwords. This might sound obvious, but it’s incredible how often employees might use easy-to-guess passwords. As well as using the same password for a variety of corporate accounts, or leave the remember password function on.

Remember that most successful cyberattacks happen by brute force. This is where hackers try to access corporate networks by inputting as many passwords as possible. Choosing secure passwords and changing them often is the first line of defence.