Is your organisation prepared for your employees to work from home?

Experts are warning of the likelihood of a new wave of cyberattacks targeting people working remotely due to corona virus concerns.

In the past few days we have been inundated with headlines such as “Hackers are using corona virus concerns to trick you” (Marketwatch); “We weren’t ready for a pandemic, but we better be ready for a cyberattack” (Washington Post) and “Hackers are jumping on COVID-19 pandemic to spread malware” (TechCrunch) .

Every Australian business should be planning for an increase in cyber attacks as cyber criminals will try and capitalise on the chaos caused by mass workplace closures and the huge increase in workers accessing business information systems and networks remotely. During this time it is especially important to ensure that your client’s and your company’s data remains protected.

Below are ten quick tips to implement to boost cyber safety during this uncertain time:

1. Boost network security: Ensure you have effective firewalls and anti-virus software in place. Configure your email systems to be defensive and also limit the number of administrators. Provide email and systems access at levels on a “needs only” basis. Ensure that firewalls and antivirus safety mechanisms will apply when users access your systems remotely.
2. Dual factor Authentication: Use best practice password management and use strong multi factor authentication to log into company networks and information systems and emails. Insist that your workers do not use personal passwords as business passwords
3. Encourage your workers to take extra care and slow down when accessing work information systems and data: Take time to read emails carefully. Don’t open unknown links. Be suspicious and look out for poor grammar, unusual wordings or ambiguities. Think about what hackers might try and do. Do not open and download emails with Corona updates unless you can verify the source!
4. Check facts and confirm information requests: Check payment details and confirm account numbers before making any payments. Not only are cyberattacks more likely right now, but so is the risk of cyber security-related fraud.
5. Keep systems updated and implement patches when issued: A vulnerability in an information system is the easiest way for hackers to gain access to your systems. Hackers monitor when patches are issued and pry on systems that don’t implement these updates.
6. Implement a Mobile Device Policy. Make sure every member of your workforce knows and understands your company rules about remotely accessing emails, data and information systems and implements these rules properly and consistently.
7. Don’t download sensitive data or information on mobile devices: Many company’s insist on a VPN (Virtual Private Network) being used when accessing work resources. Make sure the IT department communicates if a VPN is needed and which one should be used from your remote devices. Review and amend any confidential or sensitive data in viewer mode without downloading on to your personal devices.
8. Check the security of any websites accessed: Many internet websites store your passwords and these can be used to guess work email logins and passwords. Change your passwords to unique and difficult to guess symbols, letters and numbers.
9. Review email alerts and forwarding rules. Also check these on your mail app.
10. Don’t assume an email sender is legitimate: Be suspicious and look out for red flags. Be particularly cautious if a senior executive or manager of your company emails you unexpectedly.

Even though it may be a scramble to get ready for your employees to work from home, implementing a few of these basic steps will help ensure that data remotely accessed is protected.

Good Luck!

Gillian Collins
Founder and CEO Cybersafe Legal

About Cybersafe Legal

At Cybersafe Legal, we are known for our professional, honest and easy approach to cyber education and risk management. We offer solutions that take the worry out of the complex cyber security process and also acknowledge the specific cyber issues which exist in your industry.

cybersafelegal.com.au
1800 717 510
info@cybersafelegal.com.au