Cybersecurity Tips in the Time of Covid-19

How to Work from Home Securely

6 Cybersecurity Tips in the Times of Covid-19

When Covid-19 (Coronavirus) began to spread rapidly in China and lockdown was introduced, employees began to start working from home at an unprecedented rate. Now workers all around the world who haven’t had experience working remotely before are getting to grips with this new way of working. 

This rapid expansion of remote working has presented challenges for employers, employees and IT staff alike – especially when it comes to cybersecurity. The usual approach of getting a worker to come in to collect their new laptop and phone, and to receive the on-site training that you hope will make them a safer teleworker is not an option for many. Remote users will often need to be set up from scratch and entirely remotely. 

Below are 5 tips on how to work from home safely. 

1. Ongoing Communication

Employers should provide clear information for staff and have open channels for feedback to staff on how to react to a problem. That means info on who to call, hours of service and emergency procedures.

For employees, it’s smart to stay on top of company communications. Your inbox might contain emails about policy changes ranging from work hours to travel. Your employer might consolidate Covid-19 information on the company intranet. If you have any questions, ask.

2. Using Organization’s Tech Tools

Employer’s cybersecurity tools are designed to protect data and devices. Cybercriminals have an interest in both, whether you’re working in the office or at home. That might mean you do your work on company supplied laptops and mobile devices if this is possible. In using either your organization’s computer or your own, you most likely will also use a firewall and antivirus protection, along with security features like VPN and 2-factor authentication.

Avoid improvising with tools that haven’t been approved as tempting as it may be. You could inadvertently introduce a software program with a security flaw — and that means someone unauthorized may be able to access company data or any personal data you have on that device. Discuss with your needs with your  IT team who can help with a solution. 

3. Beware of coronavirus-themed phishing emails

There have been many reports of cybercriminals exploiting Covid-19 by sending fake emails with dangerous links to employees. Remote workers should be suspicious of any emails asking them to check or renew their passwords and login credentials or click on an embedded link, even if they seem to come from a trusted source. Don’t click. Instead, immediately report the phishing attempt to your employer.

Employers should ensure users only to reach out to you for cybersecurity assistance by using the email address or phone number you gave them. Provide a single contact for these incidences.

4. Back-Up, Back-Up, Back-Up

Create a back-up strategy and implement it. All important files should be backed up regularly. Not backing up data is a risky move, which means any files that are deleted or corrupted by an attack cannot be restored.

The WannaCry ransomware attack spread to 150 countries, impacting over 10,000 organizations and 200,000 individuals in over 150 countries. The outcome of this event highlighted the value of having good clean backups in a secure storage system in order to recover data hidden from ransomware. These attacks also demonstrate the value of having the latest security patches installed and a comprehensive security software solution protecting your workstations, laptops and servers. 

While more businesses are now implementing backup solutions, there is a tendency to ‘setup and forget’, so they don’t realize something has failed with the system until it’s too late. It is recommended that organizations perform daily offsite backups of their systems, as well as periodically validate the quality of the backups. There is nothing worse than having your systems compromised and then realizing your backups are effectively useless.

5. Other Useful Tips

Tips for home working for employees also include:

  • Ensure your Wi-Fi connection is secure. While most Wi-Fi is correctly secured, some older installations might not be, which means people in the near vicinity can snoop on your traffic.
  • Ensure anti-virus is in place and fully updated.
  • Check all security software is up to date: Privacy tools, add-ons for browsers and other patches need to be checked regularly.
  • Lock your screen if you work in a shared space: Workers should really avoid co-working or shared spaces at this moment and that social distancing is extremely important to slow down the spread of the virus.
  • Make sure you are using a secure connection to your work environment.
  • Check if you have encryption tools installed. 

6. Monitoring Remote Sessions

With more employees working from home, companies are seeking ways of monitoring remote sessions. One compelling case can be made for recording remote sessions for later playback and review. Employers are concerned that in the event of a security breach, they won’t be able to see what was happening on users’s desktops when the breach occurred. Another reason for recording remote sessions is to maintain compliance, as required for medical and financial institutions or auditing for business protocols, etc.

TSFactory’s RecordTS v5 will record Windows remote sessions reliably and securely for RDS, Citrix and VMware systems. Scalable from small offices with one server to enterprise networks with tens of thousands of desktops and servers, RecordTS integrates seamlessly with the native environment.

Click here to learn more about secure remote session recording.