With over two decades in the cyber security industry, Chris Scanlan leads Check Point Americas as its President.
Getty
The emergence of the novel coronavirus pandemic has reshaped our working culture. As society begins to reopen and some sense of normalcy returns, many employees will not return to the office. A recent Gartner CFO survey showed that 74% of CFOs and finance leaders surveyed plan to shift at least 5% of previously on-site employees to remote work permanently. The remote transition has created a “new normal” that could become standard for many organizations and employees.
However, this “new normal” poses new risks. Recently, the World Economic Forum published a warning about the potential for a global cyber pandemic that could spread faster than any biological virus. As we recently witnessed with Covid-19, delayed action can cause even more damage. While a cyber pandemic may be inevitable, how we choose to prepare for the next crisis will determine the magnitude of its effects.
Arming Your Remote Employees With The Right Information
The "new normal" requires businesses to adapt their security strategy while training employees on proper security hygiene. In this article, I will outline five important tips to help reduce user error and mitigate the effects of a potential cyber pandemic.
Tip No. 1: Be extra cautious with suspicious or unsolicited emails.
While phishing is something we perceive as easy to detect and avoid, hackers are becoming more and more sophisticated. In reality, the majority of cyberattacks I see are triggered by a phishing campaign.
If you receive an email prompting you to perform an action like resetting your password, updating your account details or even downloading an invoice, take your time to verify that the email is legitimate. In this situation, it is always better to be cautious and ensure that the source is authentic. If you do not remember asking to sign up or restore an account, do not click on the link. Go to the service's official website to update your account credentials.
Tip No. 2: Encrypt data on your devices, and enforce strong authentication mechanisms.
Data encryption is a fundamental solution to protect the information you store on a device and the information that device sends. Without the decryption key, unauthorized users will not be able to access the data. This principle is particularly relevant when you're working with kids at home – make sure you have a strong password so children can’t unintentionally download suspicious content from the web or app stores or mistakenly access corporate data.
Several operating systems have incorporated a “kids' mode" where the device automatically has a series of games and other child-friendly content available while completely blocking access to the rest of the device. This ensures that children do not access the personal or corporate side of your device, even when you're leaving them with your mobile phone to keep them entertained.
Tip No. 3: Always require authentication for joining remote calls or videoconferences.
Make sure every person who joins your call has authenticated themselves beforehand. Once all invited attendees have joined the call, “lock” the virtual conference room to keep any undesired users from listening in. In addition, when possible, have the participants enable their cameras so you can verify that the users you invited to the call are really there.
Tip No. 4: Security 101 says that sometimes physical security can prevent most of the damage.
If you’re working from a coffee shop or an open public space, avoid sitting where wandering people can stare at your screen and read the information displayed. Always try to find a seat with your back to the wall to ensure that no one can look at your screen without you noticing. This goes without saying, but never leave devices unattended in public places.
I recommend using a privacy screen, which is a thin piece of plastic that you can add to your screen to prevent people in your vicinity from reading the content on your screen.
Another good practice is to use a camera blocker. If you don’t use your laptop’s camera, cover it with a dark adhesive. If anyone were to remotely activate your camera without you noticing, they wouldn’t be able to see anything. Alternatively, you can use a camera cover that you can open and close based on your meeting needs.
Tip No. 5: Protect your home router.
Setting up a new Wi-Fi router is fairly easy. But before you access sensitive information, make sure your network is secure. Do not allow your neighbors to access your wireless network.
Once you grant someone access to your network, they can potentially intercept data, direct you to malicious sites or break into other devices that are connected to your Wi-Fi. It is critical to secure your network from unauthorized users by enabling WPA2 or WEP as the encryption method, changing the default router password, and regularly reviewing who is connected to your network.
Preparing Your Business For The Next Pandemic
The novel coronavirus pandemic may fade, but it has triggered new attack vectors for cybercriminals to exploit. As the WEF article explained, employees' dependency on personal devices and home networks has put cybersecurity operations under immense pressure. As the potential for a global cyber pandemic grows, every business should be prepared for the next attack. The first step to staying connected is to be protected.
Forbes Business Development Council is an invitation-only community for sales and biz dev executives. Do I qualify?
