Month: February 2022

  • WFH means more vulnerability to cybercrime. Here are some methods to stay safe

    WFH means more vulnerability to cybercrime. Here are some methods to stay safe

    WFH opens up whole new horizons in terms of flexibility, productivity, and cost savings. But, it also opens your business up a little more to cybercriminals, as you can’t have a hands-on approach to cybersecurity, especially if your employees are using their own devices for work. This blog discusses some mechanisms that you can use to mitigate the risks of becoming a victim of cybercrime in the WFH setup.

    Multi-factor authentication

    Instead of using a single password for data access, multi-factor authentication adds more layers to security. If WFH has your employees accessing their work computers remotely, then you simply cannot skip multifactor authentication. Multi-factor authentication works by confirming the identity of the user across 3 areas

    • What they know: Examples include asking for User IDs, passwords, answers to ‘secret questions’, verification of their date of birth, etc.
    • What they have: This includes physical tokens, access cards, OTPs sent via text or email, etc
    • Who they are: This authentication mechanism includes biometric authentication such as retina scan, fingerprint, or voice recognition.

    While the 3rd kind of authentication (who they are) may not be easy to implement in a WFH scenario, you can still use multi-factor authentication to include the first 2 options.

    The Cloud

    Using the Cloud to store your files presents a lot of advantages in the WFH environment. It certainly saves time and effort as files don’t have to be mailed back and forth, eliminates version control challenges, and ensures timely access to data. But, did you know that you can also leverage the Cloud to thwart security threats presented by the WFH scenario? The Cloud lets your employees work safely from anywhere and offers more safety than local data storage mechanisms. Any data in the Cloud is encrypted, which means it is not that easy to access confidential information as it would be when someone hacks a PC. Plus, the chances of data loss are almost zero. Unlike your employees storing work files on their computer, which can be lost or misused if their device malfunctions or is stolen or hacked into, any data put on the Cloud stays there.

    Employee Training

    Did you know that lack of knowledge is one of the major reasons behind companies and individuals becoming victims of cybercrime? All it takes is one wrong click to open the floodgates, and the only way to stop that from happening is to train your employees on cybersecurity best practices. Training will not only provide them with a clear set of do’s and don’ts but also help them identify situations where they may be a possible target. Training on cybersecurity best practices can cover a wide range of topics, but here are a few that should not be missed Password hygiene

    • What does a good password look like?
    • Why is password sharing an absolute no-no?
    • How to identify phishing attempts?
    • Why is it important to install software updates and patches on a timely basis
    • Data storage best practices
    • The risks associated with public WiFi such as those at malls, coffee shops, or airports

    You can also conduct mock drills and check who grasped these concepts right and who needs further training.

    An experienced MSP can help you overcome the cybersecurity challenges propelled by the WFH scenario. They can put your mind at ease by taking care of everything–from anti-malware solutions to employee training, and beyond.

  • Data security in a WFH setup

    Data security in a WFH setup

    Do you have staff working from home? With the pandemic still around, the answer to that question is most likely a “Yes”. And, that makes sense too, why risk the safety of your staff when you can operate equally well or even better with them working from the safety of their homes. But, did you know that the WFH model can put your data at risk? When you have your employees work remotely, inadvertently your data is more vulnerable to cybercrimes. However, there are solutions that help ensure the WFH environment is safe–for both your employees and your data. Let’s take a look at 2 of the most recommended ones.

    Anti-malware tools

    Any discussion about data security has to start with anti-malware applications. These applications keep your computers safe from viruses, worms, adware, and other malware. When your employees are working remotely, they are most likely to use their own devices such as their laptops or the desktop computers at their home. Plus, with the working schedules blurring, and the trend to “be there ” 24/7 catching on, personal devices used for work include smartphones and tablets as well. It could so happen that your employee’s devices are not up-to-date on the latest anti-malware software. These software programs do not come cheap and so your employees may not have them at all or maybe using an outdated or free version of the tool, which may not be of much help. So, one of the first things you should do as a company is to provide the latest version of powerful anti-malware software to your staff to install on their devices. Again, if they are using personal devices, you may not be able to make this mandatory, but considering it safeguards their private data as well, most will happily take advantage of this offer.

    Firewalls

    Firewalls protect your data by monitoring network traffic and allowing/blocking data exchange based on preset rules. For example, a firewall lets you dictate what websites can or cannot be accessed from a particular device, or what software programs may be installed, etc. Sounds great, doesn’t it? Using a firewall you can weed out the risk of your employees compromising your data security unwittingly by visiting unsecured places on the web. Firewalls also generate alerts for the system administrator if there’s an attempted breach. For example, someone tries to visit a site that has been firewalled. But, there’s a caveat. You can only install a firewall on company property, that is, if you are providing your employees with laptops or desktops to use for work purposes. You can’t Firewall your employee’s devices that they are using to access work files when operating from home.

    As you can see, deploying data security software in a WFH environment can be tricky. Consult with an MSP who specializes in cybersecurity, data protection, recovery and backup to learn what are your options and how best to implement them.

  • The challenges in establishing data security best practices in a WFH environment

    The challenges in establishing data security best practices in a WFH environment

    The COVID-19 pandemic changed the landscape of the corporate world drastically by making WFH, mainstream.. What does that mean for your business data? How does it change your business’s cyber risk profile? Download our whitepaper, The WFH environment & associated data risks, a new perspective, to find out.

    Restrictions on installing firewalls, antivirus, system/software updates, and security patches

    When your employees are in the office physically and using your computers, you can install firewalls and access control mechanisms. For example, you can block non-work-related sites or sites with 3rd party cookies, or set up password policies for them to follow when using the device, etc. But, if they are working from home, and using their own devices, there’s no way you can install firewalls or have access restrictions like that in place at the system level. Similarly, you can ensure your work computers are up-to-date in terms of security patches, system updates, and software upgrades, but you can’t force an employee to install security patches or antivirus on their PC at home!

    Keeping your data safe after an employee quits

    When your employees are working from home using their own devices, how can you be sure you recovered all your data and erased them permanently from your former employee’s devices? How do you ensure they don’t have a copy of the sensitive information stored somewhere that could be misused intentionally or unintentionally cause a data breach.

    Safeguarding access to your data in case of unexpected events such a device theft or breakdown

    If your employee is using their personal device for work and it gets stolen, how do you handle the data loss and any data compromise that could possibly follow. Similarly, if something goes wrong with their device, how do you ensure your data is not lost and your work is not stalled? Also, if the device goes into repair, how can you be sure of the security of your data then?

    Challenges brought on by device sharing

    If your employees are using their own devices for work purposes, you can’t stop them from sharing their devices with friends and family. But, device sharing can put your data at risk of being stolen.

    Remember WFH is not necessarily just WFH

    When we use the term, WFH, the first image that comes to mind is of a person sitting in their living room or home office desk and working on a laptop. But, remember that’s not necessarily true. When you follow the WFH model, it enables your employees to work from anywhere! The recent ‘workation’ (work+vacation) trend that’s catching on quickly is a testimonial to this fact. For all you know, your employee may be working from the Starbucks two states away, or they may be at the airport sending that last report in before they take off for a vacation, or they may dial into that important meeting from the resort they are staying at–all instances where they may be using public Wi-Fi networks, compounding the risk to your data from cybercriminals.

    Let’s face it! The WFH environment coupled with the BYOD (Bring-your-own-device) makes organizations much more vulnerable to cybersecurity threats than the traditional office setup. However, that doesn’t mean there’s no solution. As a company, you can still put various mechanisms in place to ensure the safety and security of your data. You should also train your employees on how to safeguard themselves and your data from cybercriminals. A managed service provider (MSP) specializing in cybersecurity, data back, and recovery can help you with both of these. They would know what tools you can use to keep your data secure even in the WFH scenario and they will also be able to train your employees on the common mistakes that people make unwittingly which often leads to major data breaches.

  • WFH is here to stay Are you ready?

    WFH is here to stay Are you ready?

    The COVID-19 pandemic brought about tremendous, unimaginable changes across the world. Lockdown, shelter-in-place orders, ban on gatherings for safety purposes and national and international travel restrictions meant the world, and businesses couldn’t function as they were doing in the pre-pandemic times. Tradeshows went online, meetings happened from the couch in the living room, company parties meant saying cheers and sharing a glass of wine over a Zoom call with your video turned on. The transition to this work-from-home (WFH) culture on such a large scale and at this level was unforeseen, but it has happened nevertheless. While initially there were talks of this transition being short-lived and people resuming ‘normal’ lives in a couple of weeks, now it is clear that this trend is here to stay. Organizations and employees alike are seeing the numerous benefits of working from home.

    From the company perspective,three big benefits stand out: they include saving significantly on real estate expenses–with staff working from home they don’t have to spend as much on renting office space, an increase in productivity and a drop in absenteeism and employee turnover.

    From the workforce perspective, a lot of people are happier working from home as it helps cut the travel time to work and also supports better work/life balance. There’s a lot of flexibility, which is appreciated by employees with children or elderly parents who require caregiving.

    In light of these benefits for both parties, it is highly unlikely that we will ever go back to the traditional office setup. What is more likely to take shape is a mixed environment where employees are mostly operating remotely and perhaps stepping into the office once in a while for catch-up sessions. As homes expand to accommodate office space, traditional office spaces will shrink to include probably just a conference room for in-person meetings. While this makes perfect sense, there’s something here that you can’t ignore- Data security. WFH may keep your staff safe during the pandemic, but it may put your data at risk and jeopardize your data security if you don’t take the right precautions. Why? Because WFH often involves employees using their own devices for work purposes and that blurs a lot of boundaries. It also raises several questions from the data security perspective which makes it imperative that you have mechanisms in place to mitigate possible data loss, leaks, or misuse before you allow employees to use their own devices for work purposes.

    In light of these challenges, it makes sense to sign up for a service level agreement with a managed services provider, an MSP who specializes in data security, recovery, backup and cybersecurity, They will help you put security mechanisms, prepare IT policies to define the boundaries and regulations when your staff is operating from home and also train your staff in IT best practices and to identify malware infiltration attempts.

Name(Required)
Share a bit about what you'd like to discuss(Required)

This field is for validation purposes and should be left unchanged.
Name(Required)