Before the pandemic forced millions of workers into working remotely, cybersecurity risks were already intensifying. Last year saw some of the biggest attacks to date as billions of records were exposed. Today, however, as companies contend with having their data centers rapidly decentralized, some security firms are citing 800% increases in calls regarding cyber-attacks.
About the author
George Brasher is the UK Managing Director at HP.
In the early days of this unprecedented disruption, IT decision makers had to scale work-from-home capabilities almost overnight, and the monumental task of keeping a company’s information secure is now more difficult than ever. With 96% of office employees currently working at home, and a large proportion set to remain in a remote capacity after lockdowns are eased, here’s how IT management can continue to keep workforces operating smartly under extreme circumstances.
‘Always on’ education for your end user
Employees are busy trying to maintain business as usual, but they’re also distracted by profound societal changes. With the massive increase in video conference calling for both work and social catch ups, malicious hackers and opportunistic troublemakers are targeting these systems. That reminder of network and platform best practices dispatched several weeks ago could have easily been overlooked.
Right now, steady communications that remind workers of their responsibility and the resources at their disposal are critical. In the absence of a physical IT department, remind them where to report an incident or seek guidance and best practices including approved platforms for video conferencing. Remind them what the common signs of phishing attempts are and how to protect themselves as well as the company’s information.
Don’t lose sight of real-time device activity
From being duped by phishing attempts to not using complex passwords, human error among the user base is a known danger for all IT managers. Shockingly, 95% of organisations say their cybersecurity culture isn’t as good as it should be, according to an ISACA Cybersecurity Culture survey. During this time, though, it could be even worse. According to CheckPoint, COVID19-related domains are 50% more likely to be malicious than other domains registered at the same period.
Actors are capitalizing on people’s desire for information about the pandemic; Cyberthreat researchers at Barracuda Networks saw a 667% increase in malicious phishing emails that claimed to be about ways to protect yourself from coronavirus to trick people into opening emails containing malware. This quick action may be part of the reason that 69% of security decision makers feel that the bad guys are always one step ahead.
Employees must do their part. Devices should have updated software and the use of multi-factor authentication should be standard practice. Users should also be reminded that work laptops should not be shared with other members of a household. In fact, one of the most effective things any home working professional can do is to set up and use different W-Fi networks. This means you keep your work computer on one, and other connected devices like smart thermostats or voice assistants on another. Even if that means getting an upgraded router that supports this.
But IT managers should make sure that suspicious activity reports are as close to real time as possible. This requires a blend of securely designed hardware and the latest software—both of which must be intuitive to end users and implemented across the company’s entire technology ecosystem. These tools allow IT teams to identify and isolate incidents that end users may not even be aware of—an essential capability for keeping any workforce, but especially a remote one, secure.
Continue to move forward, even once your approach is stabilized
By now, remote workforces are weeks or even months into a new normal way of operating. On top of continuing to keep things secure, however, IT professionals have to consider several things on the horizon.
At some point there will be a move back to offices which will require another systematic transformation. Some people will also want to continue working remotely, now that it has become more common.
Now is the time to start mapping out what those changes will look like and what guardrails need to be put in place. Companies should appoint a task force to determine how work-from-home policies will change once offices re-open, as 40% of IT decision makers say they’ll tighten endpoint security as a result of Covid19 . IT teams should determine what is needed—from devices, to communication systems and more—for them to adapt to having more remote end users long-term.
When this pandemic spread, nearly every company was unprepared to implement such massive transformation so quickly. However, by continuing to prioritize cybersecurity and by acknowledging that our ways of working are forever altered, the next wave of change doesn’t have to be so disruptive, for IT professionals or for employees.
As part of HP’s commitment to supporting the workforce and maximizing cybersecurity, we’re offering free access to HP resources, such as Sure Click Pro and security webinars.