Teleworking Cybersecurity
To help employers of any company, large or small, Google explains what good practices they can implement for the security of your business when your staff works remotely.
- More Secure Logins Thanks To Two-Step Authentication: By setting up two-step verification, you greatly reduce the possibility of someone gaining unauthorized access to your account. In our research, we have found that an SMS code sent to a recovery phone number can block 96% of massive phishing attacks and 76% of targeted attacks. Likewise, the security keys made it possible to block 100% of massive phishing attacks and 100% of targeted attacks.
- Keep Systems Up-To-Date: Whenever possible, enable automatic updates to ensure you have the latest security fixes and built-in protections against malware and phishing. The automatic update must be enabled for all the software that your company uses, as well as for the CMS of your website. If automatic updating is not possible, periodically check for available updates. Avoid using applications that do not offer security options (for example, those that do not have an update option).
- Save A Backup Copy Of Your Company Website: The backup copy of your company website will be used to restore it and recover the original content. If possible, use the automatic backup feature and make multiple copies (for example, one online and one offline).
- It Implements The HTTPS Protocol: HTTPS is a mechanism that allows a browser or an application to connect securely with a website. When you load a web page in simple HTTP, your connection is not encrypted, which means that anyone on the network can see any information that is transmitted and received and can even modify the content of the web before you see it. On the contrary, with the HTTPS protocol, your connection to a website is encrypted, so no one can spy on you and the information you send to the website (for example, passwords or credit card details) will be private.
- Train Employees: The training you provide your employees to learn to be safe can improve the safety of your company. Regularly offers training and resources, both general and specific; define clear rules and responsibilities for employees (for example, how to install and use the software); design protocols for reporting security-related incidents and events, such as malware or phishing attacks, and rewards employees who report such incidents. It is important to have guidelines for the use of social networks and the treatment of sensitive data (privileged access, access restricted by default, and periodic audits).
- Secure The WIFI Network: Run a router firmware update. Make sure you have a strong password and consider replacing it, if you have not done so in a while, with a new long and unique password. Remember to enable WPA2 encryption and enable the router’s firewall. If you have employees with technical knowledge, they should make the router ‘invisible’. This can be done from the router panel.
- Use Of Work Devices: Tell your employees that they should avoid using work devices for private activities to reduce the risk of phishing and malware. During the current coronavirus outbreak, people tend to search for up-to-date information on the spread of the virus and could unknowingly download malicious files that infect their work devices. Also, workers should use the screen lock even when they are at home, especially if they have children. Also, remind them not to share critical business information over unencrypted connections.
Don’t forget to provide your employees who work from home with basic security tips such as beware of phishing emails; make sure you have the antivirus installed and fully updated; check that your security software is up to date.