By Michael Hensley, Director of Professional Services
As our communities have begun taking significant strides in easing shutdown restrictions and entering new phases of reopening, many businesses have begun to follow suit. While the number of COVID-19 cases continues to drop nationwide, our nation’s economy has surged in recent weeks as restaurants, retail stores, hair salons, and other small businesses are now back in the saddle. Yet in the face of such optimism, companies must be wary of looming technology and security challenges that await in the months ahead.
While some employees will return to office spaces, many will continue working remotely or from home. According to BitSight, employees’ personal networks are 3.5 times more likely to be infected with malware when compared to corporate networks. This presents a significant security risk for businesses. Organizations must quickly prepare to adopt more effective practices and develop increased safety measures before the upcoming peak in employee work-from-home demands.
Here are the proactive steps that businesses need to take to lessen their vulnerability and exposure to a potential cyberattack:
- Digitally sanitize employee equipment
As employees began transporting laptops and desktop computers to their homes in mid-March, IT departments were forced to handle heightened security challenges within their organizations. How would IT experts be able to protect their employees’ at-home networks, environments in which they had no control over? Hackers saw a golden opportunity to take advantage of lesser security protection in the homes of millions of Americans. It comes as no surprise to see a dramatic spike in intrusive activity since the start of the pandemic. Well before workers begin returning to the office, IT departments need to do their due diligence in identifying policies and methodologies that can be used to ensure devices like computers come back clean.
- Review perimeter security environment
Prior to the coronavirus outbreak, IT departments were able to control all aspects of their organization’s security practice. Proper protection was enforced to align with network perimeter boundaries, making it possible to shield workers from outside cyberattacks while in the office. However, once the transition to work-from-home began, these IT experts no longer had the same amount of authority to protect their employees from potential cyber threats. In order to secure workers and their personal data, organizations needed to get creative to extend their security perimeters into the homes of their employees. As businesses begin returning to normal, IT leaders should rethink their current security policies and look for gaps in their organization. By working to identify potential company-wide weak points, these areas can be patched up to ensure the cyber protection of an organization.
- Implement user security training
In the world of IT, it is a well-known fact that users are the weakest link when it comes to cybersecurity. Even if an organization has invested millions of dollars into a high-level security infrastructure system, one wrong click by an employee can easily bypass these protections. The time is now for companies of all shapes and sizes to begin developing or ramping up the frequency and intensity of their user security training. These programs can increase workers’ security awareness by providing them with valuable tips and advice on avoiding phishing and other cyberattacks.
- Ensure that internal and production systems/software adapt to a work-from-home environment
Many organizations utilize sophisticated software platforms that had historically only been accessed internally. Upon the COVID-19 outbreak, IT teams had to take a step back and discover how employees could use these systems from their homes. From advanced pieces of software like SAP to soft phones with extensions that could be accessed remotely, IT experts faced a slew of challenges in making sure employees could connect to these platforms safely and securely. Moving forward, IT experts must continue to protect these systems and ensure their ease of access in remote-work settings.
- Implementation of multi-factor enablement
Multi-factor authentication has become an efficient and cost-effective security solution for all companies. To ensure the protection of an organization and its employees, IT departments should be embracing the implementation of this tool. In working hand-in-hand with VPN and VDI, multi-factor enablement can protect cloud-based applications with ease.