That old Nigerian prince gambit seems so quaint now, don’t you think?
As the world grapples with the global pandemic – and workers across the nation adjust to working from home – the bad actors out there are taking advantage of the crisis in new and inventive ways—from phishing emails to malicious websites, all designed to prey on our fear and uncertainty.
Unfortunately, this type of targeting is all too common during times of crisis, as Catalin Cimpanu explains in ZDNet:
“Cyberspies have not let a tragedy or national disaster go to waste … State-sponsored groups have always crafted their email lures to achieve the maximum results at a certain given time, and, historically, tragic events have always presented the best lures.”
To make matters worse, the scramble to set up employees for remote work has exposed a number of security vulnerabilities, bandwidth restraints and communication challenges at companies across the country. Business leaders are quickly realizing how critical it is to ensure your policies and procedures are up-to-date, while quickly addressing a number of key concerns with employees working remotely.
So, what are the next steps for your company?
Reduce your remote risk
Sending your employees home to work can be a scary proposition for any business leader. OpenVPN conducted a survey of IT professionals and found that 90% of them believe remote workers indeed pose a security risk to their respective companies.
Are your employees adequately trained to recognize security threats? Will they know what to do if they fall prey to something while working from home? Now’s the time to examine your policies and your technology to ensure you’re adequately protected through this crisis. Start with the following steps:
Give your VPN a second look – Ensure your remote VPN appliances are fully patched and appropriately licensed for additional users. Also, test them to make sure they can handle the appropriate number of simultaneous users working remotely.
Beef up your virtual meeting and conference call capabilities – Voice, video or a mix of both, it’s crucial that employees can communicate effectively with management and each other during this time. Ensure you’ve planned for enough in-bound bandwidth to support the total number of concurrent users, as well as have the option to add additional temporary capacity if needed. If you can’t add network capacity or bandwidth quickly, build a plan to allow only the most critical users to connect remotely.
Count on constant communication – Establish a set procedure for management to notify staff outside of the office of critical information and updates. Workers also need to know how to contact their IT departments remotely for support if they experience issues while working outside of the office, which may mean additional IT helpdesk staff available for extended hours.
Train your employees – Arm your employees with the knowledge and tools to stay vigilant during this time—to not only protect the company but themselves against attacks. This type of employee training will protect your organization from downtime, reputational risk and financial loss, all while giving your employees peace of mind they’re working in a safe manner as they log in from home.
Partner up to be better prepared
While business leaders adapt to so many people working outside the office, those critical IT applications that support your external and internal clients must be operational. As a business leader, make sure your critical IT team members are available during this time, but also that they’re adequately rested and “fit for duty” to respond quickly and avoid critical mistakes.
Of course, you have to know where your weak spots are before you can fix them. Security vulnerabilities can provide hackers easy access to your IT systems and applications, which is why you must identify and correct weaknesses before they can be exploited. Work with a trusted IT solutions provider to conduct a vulnerability assessment that can identify and prioritize the weaknesses in your system, applications and network infrastructure so you can react appropriately. This type of comprehensive assessment – coupled with a security management framework – can help your company improve the security of your systems.
With a little advance planning and some extra effort at this crucial time, we can start tipping the scales back in favor of the good guys, and ensure your business is well-positioned to successfully weather this storm.
John Dickerson is an infrastructure architect and security subject matter expert at Veracity Consulting, a tech consulting team of trusted advisors, ready to deliver unique solutions to the toughest business challenges of commercial and federal clients across the U.S. Learn more at VeracityIT.com, and share your thoughts on Facebook or Twitter @engageveracity.