Many CISOs and CIOs are dealing with the advent of employees who work from home (WFH) and/or work from anywhere (WFA) as it relates to keeping networks and data secure. In this article, we discuss WFH and WFA cybersecurity best practices for organizations to maintain vigilant security standards.
Ensuring Remote Workplace Cybersecurity
IT departments in the workplace have safeguards in place to protect sensitive data – this includes secure networks, anti-virus software, custom firewalls, online backup tools, etc. But, when working from home or at your local coffee shop, for example, employees are often sharing an unsecured network with others without proper safeguards in place. This creates an open environment for malicious attacks, such as phishing and ransomware.
The start of the COVID-19 crisis began an exponential rise in those working outside the workplace on a worldwide scale. As the pandemic continues, many businesses plan to continue this trend. There are indeed some benefits in terms of productivity and safety; however, the uprise in cybersecurity attacks is overwhelming and needs to be addressed.
WFH and WFA Cybersecurity Risks
The average cost of a data breach increased by $1.07 million due to the recent shift to a global remote work environment. Furthermore, findings indicate that 95% of cybersecurity attacks result from human error.
When employees work from home, there are more attack vectors made available to hackers, such as phones, tablets and PCs. Even more frightening is the fact that fewer than 3% of organizations protect their employees’ mobile devices.
Providing your employees with proper WFH and WFA cybersecurity training, will reduce the likelihood of a successful social engineering attack or data breach affecting your organization. With many employees having access to sensitive data, it is worth the time to invest in your employees as much as you do your software and technology updates.
WFH Security Best Practices
- Set up a secure network with a VPN that is not shared with other family members and friends
- Do not share devices or passwords (laptops, tablets, phones) with family members and friends
- Ensure you have strong firewall and anti-virus applications in your home office setting
- Be wary of devices such as Amazon’s Alexa or Google Home. Recorded conversations can be used by hackers to overhear confidential information
WFA Security Best Practices
- Keep screens (laptops, tablets, phones) away from prying eyes
- Do not access a public network – unless you have a VPN available on your device
- Use Mobile Device Management (MDM) and Mobile Application Management (MAM), which aid in data encryption, malware scans, anti-virus and end-point detection
Learn More about GLS Security Training
As remote work becomes more and more common, it is essential for all companies to put in place the necessary infrastructure as well as applicable security guidelines, plans and policies to minimize their exposure to cybersecurity risks. WFH and WFA cybersecurity awareness training for employees is crucial to mitigating potential threats to company data and systems.
GLS provides the education and training for employees to stay vigilant in avoiding attacks such as phishing and ransomware.