Working from home has become the new reality for organizations of all industries and sizes as the nation struggles to contain the coronavirus pandemic. As companies contemplate an indefinite period of remote work and virtual interactions, it’s essential that they not overlook a critical variable: ensuring online security. Security while remote working adds a whole new layer of complexity.
As our CEO, Michael Greene, put it in a recent article in SmallBizDaily, “Bad actors are already taking advantage of the common problem of password reuse to access sensitive systems on a daily basis. It’s a sad but true reality of our times that this will increase with more virtual interactions, and that attackers will also be actively seeking other ways to capitalize on COVID-19.”
Following are a few critical areas for organizations to review as part of their broader security remote working response:
- Secure the password. With new breach data available on the Dark Web on a near real-time basis, it’s incredibly easy for hackers to access sensitive systems and data if employees are unknowingly using compromised credentials. As we’ve written about numerous times on this blog, this is a huge problem facing businesses today. As remote workers create new accounts and credentials it’s poised to snowball unless companies avail of credential screening solutions that can monitor password security on a daily basis. To quote the SmallBizDaily article again, “You don’t want to wait until your entire workforce is distributed to discover that your employees are inadvertently laying out the welcome mat for attackers.”
- The home factor. With most schools and universities shut down, the pandemic is also resulting in increased connectivity for children and other family members. Because it’s relatively easy for others within the household to accidentally download malware onto the home network, businesses should encourage employees to set up a separate WiFi network that they—and only they—will use solely for business while working from home. In addition to this important security consideration, it’s also imperative that employees use their corporate VPN to access any corporate resources when they are not physically in the office.
- Monitor for phishing scams. The consumer sector has already seen numerous coronavirus-related phishing scams, and we can expect hackers to increasingly target employees by feeding into their fear and confusion surrounding the virus’ impact on their company. For example, subjects like “[Company Name] Confirms Coronavirus Diagnosis” or “[Name], Checking In?” might entice a nervous employee to quickly open the email and maybe even click on a link. We have also recently seen an uptick in scams centered around the $2T US Corona Virus Stimulus package. While phishing best practices have surely been distributed to your company before, it’s important to review them now with employees in light of the new situation in which we find ourselves.
You can read more about these and our other tips for protecting account security in the coronavirus era here. It’s impossible to predict when things might return to normal, but companies can ensure that hackers don’t benefit from our increasingly virtual business environment by taking steps to address security today.
Learn more about securing the password with exposed password screening.