Isolating yourself is one way of many that the individual can do to stop the spread of the SARS-CoV-2 (COVID-19), and companies has asked their employees to work from home. However, many companies are not ready for this pandemic and do not have security policies in place to tackle working from home which results to cybersecurity threats.
Companies should be aware of the threats they face for data and network access while employees access the corporate networks and services from their homes. Normally, if the data and access is kept internally within the corporate network the risk would be limited between the servers and the end-user inside the corporate network.
According to UK’s National Cyber Security Centre (NCSC), hackers are using various technics to elude user security. For example, social engineering , a method used to trick the user to click a link or a post which leads to a phishing website. There are different methods of phishing and that can be done via email, conference tools such as Zoom or even SMS. Their goal is to steal sensitive data from the user such; usernames, passwords or bank details, etc.
Given the current situation of the SARS-CoV-2 (COVID-19) where a big part of the workforce is working from home, hackers see this as a perfect chance to obtain sensitive information from employees working from home. AWTG presents some security tips for anyone working from home:
- Securing work devices physically such as laptops is one of the best practices the individual employees can do, this means not leaving the device logged in when you are not using it for extended periods.
- Devices must be protected with a strong password and don’t ever share the password to anyone.
- Use home internet access point (Wi-Fi) and not a public Wi-Fi , make sure it is protected with strong password.
- Connect to your corporate network via encrypted VPN.
- Make sure your work device is not visible to other devices in the network.
- Do not mix your work devices with personal devices, this means don’t use work laptops to finish your personal tasks such as using private email on work laptop or paying bills, etc.
- Do not open any links or files attached to an email from unknown source. If you must open file attachments or follow links, then contact the sender to double check validity of the attachments or links.
- Turn on device firewall.
- Notify you IT administrator for device updates.
Following these recommendations will keep your data and company’s data safe and secure, remember to report to your administrator any suspicious activity on company devices such as laptops or receiving an email that you think it is a spam. Hackers are using such crisis for their own benefits; however, they can be prevented by following the recommendations presented here.