Cybersecurity risk management: How companies are responding to COVID-19 and remote work
by Sara Nguyen
A recent study by Visual Objects shed some light on how companies responded to new security risks due to more employees working remotely during the pandemic.
With the rise of remote work, companies had to ensure that their employees were safely and securely able to work from home. IT had to adapt networks rapidly to accommodate this change.
Keeping IT infrastructure safe from cybercriminals is a huge priority—especially in the healthcare industry that deals with sensitive data like protected health information (PHI).
Per the Visual Objects’ report, here are five best practices that companies are implementing to reduce their cybersecurity risk as people remotely work from home.
1) Take work devices home and don’t use personal devices
The survey revealed that 66% of employees took home their work computers and devices. This keeps their professional and personal data separate from each other.
However, a third of the workforce are using their own personal devices to work from home. This BYOD (Bring your own device) practice has been a trend for several years since employers have noticed improved productivity, efficiency, and workflow.
Yet it comes with the price of a potentially unsecured network. If your employees are using personal devices, make sure they have the right security installed, like anti-malware protection, to secure data.
2) Use a secure WiFi network
According to the survey, a secure WiFi network is the most prevalent cybersecurity practice that companies used. But not all companies are mandating their employees to use a secure WiFi network.
This could be a dangerous mistake since public networks are vulnerable to attacks from hackers.
Requiring your employees to use secure WiFi networks is a simple and effective way to keep your cybersecurity strong.
3) Train employees on phishing scams
The most significant security risk isn’t related to your IT system; your employees are prone to human error and falling victim to email scams.
Email phishing scams are a popular method for cybercriminals to get into your network. All it takes is for an employee to click on a link or open an attachment for ransomware to infect your system.
4) Require virtual private networks
Virtual private networks (VPNs) offer an extra layer of security by encrypting data and making it only accessible to other VPN users.
For those working remotely, a VPN ensures that all work data stays within the network and keeps sensitive information safe from unauthorized users.
It’s also a great back-up security tool in the case of a secure WiFi network failure. A VPN removes reliance on an employee’s personal network to keep data safe.
5) Utilize two-factor authentication
Two-factor authentication (2FA) is a popular method of keeping online accounts secure. 2FA asks a user to verify their identity twice—first with the password to the account and then with additional verification.
The second verification can be answering security questions or receiving a custom PIN through a text message.
This is an easy and straightforward way to keep your data safe but still making it accessible to your employees.
Many companies aren’t enforcing any cybersecurity measures
Even though a remote work environment means more security risks, Visual Objects reported that some companies do not implement any safety measures to protect themselves.
In fact, as many as 34% of companies haven’t implemented standard cybersecurity practices during the pandemic.
They may be worried about the cost or being able to execute new protocols effectively, but it’s worth the trouble to ensure that your remote employees are secure.
A data breach can cost you hefty fines for violating HIPAA, and there’s also the possibility of receiving a ransom demand from the hackers in a double extortion attack.
It’s much easier and cheaper to implement cybersecurity rules among your remote workforce.
How Paubox can help
Healthcare industries have seen a significant increase in ransomware attacks in recent months. Keeping data secure remains a top priority.
Our solution seamlessly integrates with your existing email host (such as Google Workspace or Microsoft 365) and transmit email with TLS 1.3 encryption, the newest and most secure version of the Transport Layer Security (TLS) protocol.
Paubox Email Suite Premium also has inbound security tools to prevent threat vectors from infiltrating your inbox.
We cover everything from blocking display spoofing scams with our ExecProtect and DomainAge technology to setting up data loss prevention (DLP) rules to avoid intentional and unintentional data from being sent to unauthorized users.
Don’t let your employees fall victim to security gaps. Make it easy for them and you by executing standard security risk management within your organization.