With the majority of people in the US under orders to shelter-in-place to slow the spread of COVID-19, there are also many more people working from home. Since a large number of employers weren’t prepared to transition most of their workforce to work remotely on such short notice, many employees are using their personal devices to connect to the company network. As a result, they create a larger attack surface for hackers who are well aware that employees will be connecting to their company’s servers differently.
In fact, there have already been multiple reports of coronavirus-related breaches such as the hackers who created the imposter John Hopkins virus-tracking map which will expose viewers to malware that steals credit card numbers.
Not letting this health crisis go to waste, hackers are also adept at replicating universities, federal agencies, and more providing fraudulent coronavirus updates hoping recipients will click on the malicious links. In addition, employees may not be protected by the company software and firewalls at home. Yet, it is time for a tech refresh and perhaps you can use these tips consistently.
Regularly update your software
Outdated software will not have all the latest security patches, leaving wide open vulnerabilities. Since you aren’t in the office, it might be more challenging for your company to update your software remotely. So then, make it a habit of updating your software in order to make it more difficult for cyber criminals to breach your systems.
Take it beyond just the applications on your computer, and make sure your operating systems are also up to date. Also, update your routers and verify that they are secure.
Keep an eye out for phishing emails and texts
Since this global COVID-19 threat is something many of us have never experienced before, nor have many of us experienced the shelter-in-place directives or the worldwide economic shutdown, it goes without saying that many people are not only stressed about their health, but they’re also stressed about the economy and world markets.
As a result, people are checking on the latest updates day and night to see whether the world has reopened and also for good news of an effective treatment and/or cure. But, while trying to stay on top of the latest updates, threat actors know that people are more vulnerable - especially when they’re in isolation and distracted with both fear and worry.
It’s easy for cyber criminals to portray emails and texts as legitimate coronavirus updates. During this time, it is crucial to keep from downloading sensitive company data onto personal computers and devices. The best scenario would be to use a work-issued laptop that is remotely patched. If an email or text seems phishy, take a look at the “From” and “Reply to” addresses and/or phone number. For instance, an email may state it is from the CDC but if the email address says CDC1@gmail.com instead of xxx@cdc.gov, then you know it is a scammer. The same is true of texts, verify the number before clicking on any links.
Take care of the small stuff
As much as possible, utilize multi-factor authentication. You want to add more layers of security to any work-related apps you use at home. Further, a password manager might be useful so that you don’t accidentally share any of your login credentials.
Use a VPN
It’s always a more secure environment when you have a VPN solution to create an encrypted network connection. Ideally, you should have access to a corporate VPN. If not, check with your employer about using a private/personal VPN.
Final Thought
With the global outbreak of the coronavirus, companies are starting to reevaluate their ability to secure data and devices when employees work from home. Unquestionably, many valuable lessons will be learned from this experience and can be used to mitigate any negative implications of future crises.
Reach out to us and see how we can help and ensure that your network is protected and running at full strength. Please stay safe at this scary time if any assistance is needed you can reach us at 201-402-1900 or email us at Sales@krsit.com.