Maintaining Safe Cybersecurity Practices for Remote Workers

This past Saturday, multiple news outlets reported a massive cyber attack infiltrating personal cell phones, mainly iPhones.

The attack used a spyware program called Pegasus to infiltrate apps like iMessage or by having victims inadvertently click on a link containing a virus. Similar to ransomware, this spyware exists in a smartphones memory, making detection difficult. It allows hackers to read text messages and emails, tracks user’s locations, activate systems like the camera, and more. Spyware is very dangerous and leaves the users very vulnerable. For more information on this cyber breach click here: https://time.com/6081622/pegasus-iphone-spyware-hack/.

Companies spend a lot of money and resources to ensure their company protocols and trade secrets are kept confidential; employees sign nondisclosure agreements and there is likely a complex anti-virus system installed on all company computers.  But there is one growing risk that needs to be addressed, your employee’s personal cybersecurity. COVID-19 has taught us that we no longer need to be sitting in a corporate office building to work;  employees can work from home, on the go, or in a local coffee shop. So, it doesn’t matter if your company has the best anti-virus protection; if your employees are working from an unsecured device or location, you are at high risk for a cyber attack.

In a world where employees need to be work accessible at all times, how can companies stay protected against a cyber attack? We have compiled a list of tips to keep Cybersecurity top of mind for a remote workforce.

Employers need to take the following steps to protect the companies cybersecurity:

1. Adjust Your Cyber Strategy – Ensure you evaluate your cybersecurity strategy, budgets and prioritize investments to improve the companies cybersecurity plan regularly.
2. Step Up Cyber Training and Exercises – Employees can’t help mitigate risk if they are unaware. Employees need to be informed of new cyber threats and reminded of their role in effectively preventing, detecting, responding to and recovering from cyberattacks. Set up training exercises and workshops for all employees regularly.
3. Install a secure connection to connect to the company network – Ensure the company VPN is configured to use multi-factor authentication. Note, this is difficult if employees access company data, such as emails on their cell phones.

Employees need to take the following steps to protect the companies cybersecurity:

1. Not connecting to the company network with any unsecured public Wi-Fi. Working from a coffee shop or having a lunch meeting is very intriguing. But, it is very unsafe to connect to a public WIFI connection.
2. Creating new and strong passwords their your laptops, mobile devices, and emails regularly.
3. Not clicking on anything they think could be unsafe or from an unknown source.
4. Disabling Bluetooth audio discovery and auto-connect on their smartphones and laptops.
5. Being text message aware – Don’t respond to text messages from people they do not know. Do not respond to unsolicited text messages from companies or organizations.
6. Not using the same passwords for multiple sites.

If you have any questions about what cyber coverage you need or how to reduce your risk of a cyberattack, please contact Mike, our business insurance expert, at 709-726-4498.