How businesses and employees can protect themselves online in this pandemic13th August 2020
As we surf around the challenges caused by COVID-19, the prominent steps are to somehow stop the deadly spread of the pandemic. The foremost step taken was to halt everything. Further, the organizations came up with working from home policy. The business meetings are taking place virtually keeping in mind the employees’ security.
Many cyberbullies are seeking opportunities to invade. Apparently, the attackers are utilizing COVID-19 phishing emails, which offers to deliver important information but actually it plans to lure and make them click malicious links.
Recently, there are reports regarding various malicious COVID-19 information themed Android applications that allow attackers to access smartphone data or even encrypt devices. During the pandemic period there are more than 100k new COVID-19 web domains, which could be malicious.
Cybercriminals are taking advantage of the home networks as the security gaps are easily found in them. The corporate data which was hidden under encrypted and secured networks was now loose. However, the companies purchased new devices and laptops to keep the security quotient high, yet the radical outspread left the job incomplete.
Both businesses and employees play a critical role in securing their organization against cyberattacks. But, the current situation has disrupted the security chain.
What can businesses do?
Companies have improved responsibilities to clearly set expectations for managing security risk in the new normal situation by leveraging new technologies and policies. Here are a few suggestions for businesses.
Understanding the threats for the organization is the key ingredient for the treatment. The management should work along with the security teams in order to identify the risks. Also, make sure that protection of sensitive information and critical applications isn’t compromised.
Communicate clearly with the teams. The work from home policies should be clear and must have an easy-to-follow routine so that remote working remains secure. The said routine should include instructions and clearer relationships with internal security teams to keep a tight check.
Allow and give right security capabilities. Business managers should make sure all corporate devices are well-equipped with security capabilities. Here the few capabilities we are talking about:
- An ability to safely connect users to the business-critical cloud along with on-premise applications, like video teleconferencing, time tracker etc.
- Endpoint protection including VPN with encryption on all devices and laptops.
- Ability for multi-factor authentication (MFA).
- Ability to block malware and work on automated threat intelligence.
- Ability to filter unsecure domain URLs and conduct DNS sinkholing to eradicate common phishing attacks.
What can employees do?
Employees must be empowered to bind with the guidelines provided by organizations subject to preventative measures.
Password management should be intelligent. All employees must use complex passwords as well as multi factor authentication.
Keep updated systems and software. Employees should always install updates and patches in regular intervals including mobile devices or any non-corporate devices used for work.
Secure Wi-Fi access points. Individuals should keep switching passwords and default settings to reduce the potential attack impact while connected with other devices.
Make use of the virtual private network (VPN). VPNs create trusted connections between organizations and employees to ensure ongoing access of the corporate tools. Along with that, corporate VPNs additionally protect against phishing emails and malware attacks similar to the firewalls function in the office.
By adopting these relatively easy and straightforward steps both enterprises and employees can help in common security risks. We should never forget that the threat is not static meaning it is important to be vigilant against unnecessary additional costs and distractions.
After reading the articles on my website, you would be quite likely thinking about the brain behind this information. It will be better to inform that one person could never create, update and maintain such a big website. Although people like to call me as the owner of this information portal, I would like to describe myself as a geek trying to help others.