Connecting your remote workforce is creating a series of security risks that require new solutions. To understand these risks, we need to understand the tactics that cyber attackers are deploying first before we can hope to protect our people and our data. Because few organisations can afford to deal with the effects of a data breach in the current circumstances.
Under normal circumstances, our employees are tethered to desktop PCs within the four walls of our office. We can ensure each user within this environment is secure behind an enterprise-grade firewall, and we can monitor each user and application to ensure they are who they say they are.
Now we have employees working from home on the family computer, protected only by a free antivirus program and whatever protection their internet provider may or may not have installed on their router. Yet they’re now logging into your systems, accessing sensitive data and communicating with your customers.
To say that these remote workers are an easy target would be an understatement. Particularly when we consider the insidious methods that cyber attackers deploy to exploit these new vulnerabilities.
Rapid growth in Covid-19 phishing scams
There is no shortage of reports of Covid-19 related scams around the world over the past couple of months. A recent report found Google was blocking around 18 million phishing emails every day, making up close to a fifth of the 100 million phishing emails that are sent each day.
The most effective phishing emails will make it through email filters and encourage a fast emotional response from recipients. Urgent health information from a reputed source during a pandemic is tailor made to encourage us to click on malicious links or attachments that install malware or allow attackers to access devices and data.
Insecure home networks and passwords
Wi-Fi security is really only as strong as the security installed on your router, which is to say – not very strong at all. Particularly when we know that hundreds of thousands of the most popular brands of Wi-Fi routers from brands such as Netgear, TP-Link and Linksys were shown in 2018 to be infected with a malware system with links to Russia.
Home Wi-Fi networks will also have much weaker protocols such as WEP instead of the latest versions of WPA2 or WPA3 for network passwords. Combining inadequate network passwords with the likelihood that employees also have weak application and device passwords, we can see that remote employees are, to some extent, sitting ducks.
Keeping your employees secure without the benefit of your enterprise-grade network security is a challenge, but it isn’t impossible. The best security strategy starts with having secure devices, with best-in-class, in-built security features installed on the devices themselves.
At Southern Cross Computer Systems, we’ve partnered with HP to bring your workforce the industry-leading PCs from the HP EliteBook range, powered by Intel® processors, that are equipped with the most advanced device security on the market. Get in touch with us today to discover how we can help you keep your people and your data secure in every scenario.