How to avoid Cyber – Security incidents within remote work forces…
With more of your employees working from home, how ready will you and your employees be when a cyber security disaster strikes?
At Adroit Insurance & Risk, we’ve seen cyber attacks target businesses of all sizes, types, and industries. The unfortunate reality is that no business – whether you operate a small, mid size, large, or multinational corporation – is safe.
Not to mention that the costs to recover from cyber security attacks can be so severe that businesses without a safety net have no choice but to cease operation.
To back these statements, here are some alarming cyber security statistics from a recent 2019 study by the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), where:
- An average of 148 cyber crime reports per day were made, or one every 10 minutes.
- More than $890,000 in reported losses each day
- Annual estimated losses to cyber crime of $328 million.
- Victoria had the greatest proportion (3,023; 26.4%), followed by Queensland (2,997; 26.1%) and then New South Wales (2,930; 25.6%).
Despite these concerning numbers, the good news is that there are ways your business can reduce cyber security incidents from occurring in the first place.
We’ve gathered some of the best ways your business can avoid cybersecurity threats with a remote workforce and/or with more employees working from home.
12 Best Ways to avoid cyber security incidents with employees working from home
1. Install Antivirus Software & Firewalls
Whether your employees are using BYOD, bring your own devices, or devices provided by your business, it’s crucial to install (and regularly update) antivirus software and firewalls to properly protect your business from cybersecurity attacks. These are often the first line of defence when it comes to proper cybersecurity protection.
2. Ensure Employees Use Wifi Network Encryption
Using wifi networks without encryption exposes your business to malicious onlookers who can easily obtain sensitive and confidential bits of information about your business.
If your employees use default router passwords for their wifi network, it is recommended that they update it to a new and more secure password as default passwords may not provide you with the best wifi network protection. For an even stronger level of protection, a sub network can be created to separate the wifi network between your employee and their family members or other members of their household.
3. Set up a Virtual Private Network (VPN)
As an alternative to the above, setting up a virtual private network ensures your employees can log on to a secure and private internet connection – regardless of where they may be located. VPNs are encrypted and established to provide a higher level of privacy for users compared to a password-protected wifi hotspot.
4. Avoid Oversharing on Screens
All employees and business owners alike should be extremely cautious of what is shared on screens. Whether it’s during video calls or instructional screen-captured videos, personal details or other sensitive details may be unknowingly exposed and captured for online attackers to see.
To be safe, simply remove or block out all parts of your screen that are not necessary. This may appear a little strange but it is better to have your information secure than unintentionally exposed.
5. Beware of COVID-19 Related Scams
There is a wave of COVID-19 scams occurring in Australia, many appearing in emails, text messages, and even through phone calls. Be sure to educate yourself and your employees about how to identify such scams and respond to them accordingly.
6. Set Up Multi-Factor Authentication
Multi-factor authentication provides another layer of protection that makes it harder for cyber attackers to obtain access to your business’ sensitive information. Your employees can easily set up multi-factor authentication by connecting their mobile phones to receive codes upon logging in or by other ways such as creating security questions.
7. Regularly Update Software and Operating Systems
Updated software and operating systems ensure peak performance and functionality – including cyber security. Make sure all your employees are aware and regularly update their device’s software and operating systems for the best cyber security protection.
8. Provide a Security Incident Response Plan
A security incident response plan ensures your employees know exactly how to react if they ever happen to encounter a cyber security issue. This includes information about who to call (with details on operating hours), emergency procedures, and other response measures to effectively resolve the cyber security threat.
9. Backup Data
Backing up data ensures your business can recover more smoothly if there were to ever be a cyber security incident that takes place. It significantly reduces downtime and ensures your employees are able to continue their work as soon as possible.
10. Secure Devices When Not in Use
Make sure your employees lock their devices when they’ve finished for the day, taking a break, or whenever they’re not using their devices. This is especially important for employees who share devices with family – younger kids are more likely to get hold of the device and potentially misuse or mismanage work-related files and data.
11. Use Encrypted Communication For Sending and Receiving Sensitive Data
Encrypted communication means your messages are secured and inaccessible to intruders as it’s sent to and from users. Applications such as WhatsApp are known to provide established encrypted communication channels, and are widely used by users globally.
12. Be Cautious When Using Remote Desktop Tools
Remote desktop tools allow you to control another computer over a network connection and are used in many business settings. However, remote desktop tools are known to expose users to cybersecurity risks, so it is important to use only the most secure remote desktop tools or avoid using them at all.
With these 12 tips, you and your employees can be much more protected in the face of a cyber security incident or problem.
Cybersecurity Insurance – Your Ultimate Safety Net
But unfortunately, it’s important to understand that not all cyber security threats can be prevented. Cyber security attacks are becoming more sophisticated and advanced that it’s not only necessary to focus on prevention, but also just as critical to focus on response and recovery.
Luckily, there is a safety net that any business owner or manager like yourself can attain to properly protect your business.
With cyber protection insurance (otherwise known as cyber security or cyber liability insurance), your business will be able to stay afloat and be equipped with all the financial resources to make it to the other side.
Cyber protection insurance provides financial support for:
- Business Interruption Costs – covers the loss of net profit during recovery
- Fines and Penalties – covers costs due to breach of data
- Claims affected by third parties
- Extortion costs – in cases where payment is required to recover data
- Investigation and data recovery costs – covers forensic services following a data breach
- Response management – including PR or crisis management costs and more.
However, not every cyber security insurance plan is made equal, so it’s important to understand what is included, limited, and excluded in your policy.
At Adroit Insurance & Risk, we compare, analyse, and tailor cyber security policy plans that provide you with the most value and protection for your business. Our team of risk advisers are available 24/7 and will ensure your business sails smoothly regardless of what cyber threat or any other unexpected event you encounter.
This article originally appeared on Adroit Insurance & Risk Blog and has been published here with permission.