Chances are your workforce is remote by now due to the coronavirus pandemic. A shocking 92% of IT professionals recently admitted that remote workers’ IT environment are dangerously insecure in Open VPN's poll.
Here are five critical security best practices you can do to secure your company's data and dramatically reduce your risk of incident:
- Protect RDP (remote desktop protocol). Notorious for vulnerability, have you checked your RDP settings? More importantly, is your workforce accessing through a VPN? If not, you are in danger.
- Prevent Email scams. Watch out for an increase in malicious phishing campaigns, for instance; a promise of a COVID-19 cure. Beware of anyone asking for donations. Never click on links or attachments from people you don't know or seem out of character with the person you do know. When in doubt, ALWAYS discuss separately with the sender to confirm its authenticity.
- Security updates and patches must be a priority for all workers. Make sure remote work devices are armed with strong antivirus software, customized firewalls, and automatic online backup tools. At minimum, make sure remote workers have adequate virus/malware software detection and automatic updates.
- Create and disseminate a work-from-home security policy. First, list the tools and platforms they should be using, such as cloud storage platforms, communication/video conferencing tools and project management tools. Then detail how they should engage with their teams, how often they should report status, and what behaviors to avoid.
- Provide employees with steps to follow at the first signs of account compromise. If there is a possibility that the company’s information has been endangered, they must have a clear procedure to follow and know where and to whom they should immediately report the incident.
Make sure your employees are clear that it’s everyone’s responsibility to protect company data and systems while working remotely. Doing these five checks will help reduce your company's risk of being hacked, thereby avoiding additional costs, liabilities and headaches. Remember, it's management's responsibility to provide employees with the tools and policies to keep work devices safe.
Concerned about your company's data security? Give us a call. We're here to help you anytime to secure your company's data.
Contact ICE: Phuoc@icecybersecurity.com