4 Cybersecurity Essentials for the 2020 Remote Workplace
May 11, 2020 By Christopher George cybersecurity, IT
The global COVID-19 pandemic has largely changed the way we work. From cloud and hybrid cloud to on-premises environments, the rules of cybersecurity remain the same – and so do the methods of attack – but this time with a renewed vigor.
From whaling and phishing to malicious sites, knowing how to recognize these threats and their methods of delivery, along with what to do in the event of an attack are all major factors in prevention. Here are 4 things that will help keep your employees (and your environment) safe in the remote workplace.
- KNOW HOW TO RECOGNIZE THE VARIOUS ATTACKS
While many of these attacks are considered mainstays in the cybercriminal’s arsenal, it’s important to keep their definitions in mind as the telework space becomes more common.
- Phishing is when attackers attempt to gain information from you that you wouldn’t normally give out by masquerading as someone else, usually via email.
- Whaling is a form of phishing that focuses on a specific high-value target within an organization. For example, a staff member in accounting receives an email that appears to be from the CEO or other high-ranking executive asking them to wire a large amount of money to a third-party.
- Ransomware is malicious software attackers use to deny access to systems or data, and in most cases, require a monetary payment or ransom to regain access to the effected systems.
- KNOW THE METHODS OF ATTACK DELIVERY
As more people work from home without their IT organizations in close proximity to guide them through times when threats ramp up, it’s absolutely critical to know what these attacks look like and their methods of delivery. Phishing attacks via email have become more sophisticated. These malicious file attachments have been disguised as documents related to COVID-19, along with emails from senders posing as legitimate sources, such as United States CDC, Department of Homeland Security and World Health Organization. While everything looks legitimate on the surface, the embedded links direct those who clicked on them to a login page designed to steal email credentials.
Remote video conferencing tools, such as Zoom, along with other remote working platforms and virtual private networks also pose a wide range of vulnerabilities attackers can easily (and effectively) use to steal sensitive data. One of the more clandestine threats among this method of attack is the presence of macro viruses in documents downloaded from work platforms that can quickly spread across a telework network before being detected.
- PRACTICE GOOD SECURITY HYGIENE
Translating the same personal-hygiene precautions we take to ensure our health into our cybersecurity measures is the key to reducing risk and keeping our devices, networks and environments safe. Here is a short list of best practices that should always be followed, regardless of IT environment type or workplace.
- Keep software up to date.
- Use a multi-layered security solution, such as Protelligent’s Premonition™ Security Suite.
- Use multi-factor authentication and end-to-end encryption.
- Only use devices and connections approved by your IT department.
- Keep and store current data backups off-site.
- Watch for spelling or grammar errors in emails.
- Hover over email domain and embedded links to verify senders and domains.
- Use anti-virus software to check every file downloaded from a work platform before opening it.
- KNOW WHAT TO DO IN THE EVENT OF AN ATTACK
Effectively protecting your systems and data from phishing and other malicious attacks means training your team to follow these steps to contain a potential infection:
- Immediately notify the IT department.
- Isolate the infected computer.
- Immediately secure backup systems or data by taking them offline.
- Contact law enforcement and if possible, collect and secure partial portions of the ransom data that may exist.
- If possible, change all online account passwords and network passwords after removing the system from the network.
- Call Protelligent’s certified IT architects.
Leaving any part of your organization’s security to chance (global pandemic or otherwise) is simply non-negotiable, especially now, as we navigate the challenges of how we continue to effectively leverage the remote workplace. Partnering with a managed-services provider, like Protelligent®, who has the certified knowledge and experience to effectively adapt your IT infrastructure through every challenge will always be the best way to protect your business. Call us at (855) PRO-TELL to get the peace of mind you need to grow and thrive in every climate and circumstance.
Recent Posts
Archives
- August 2020 (1)
- July 2020 (1)
- June 2020 (1)
- May 2020 (1)
- April 2020 (1)
- March 2020 (1)
- February 2020 (1)
- January 2020 (1)
- December 2019 (1)
- November 2019 (1)
- October 2019 (1)
- September 2019 (2)
- July 2019 (1)
- June 2019 (3)
- April 2019 (1)
- March 2019 (1)
- February 2019 (1)
- January 2019 (1)
- December 2018 (1)
- November 2018 (1)
- October 2018 (1)
- September 2018 (1)
- August 2018 (1)
- May 2018 (1)
- March 2018 (1)
- February 2018 (1)
- January 2018 (2)
- December 2017 (2)
- November 2017 (3)
- October 2017 (3)
- September 2017 (2)
- August 2017 (3)
- July 2017 (2)
- June 2017 (5)
- May 2017 (7)
- April 2017 (5)
- March 2017 (5)
- February 2017 (1)
- January 2017 (5)
- December 2016 (1)
- October 2016 (4)
- September 2016 (1)
- August 2016 (3)
- July 2016 (1)
- June 2016 (1)
- May 2016 (1)
- April 2016 (1)
- November 2014 (1)
- July 2014 (2)
- June 2014 (1)
- May 2014 (3)
- April 2014 (3)
- March 2014 (1)
- February 2014 (2)
- January 2014 (3)
- December 2013 (1)
- November 2013 (4)
Categories
- Community (19)
- Cloud (18)
- IT (16)
- cloud backup (16)
- cybersecurity (15)
- cloud backup data recovery (9)
- cloud computing (8)
- clouddr (8)
- it security (8)
- cloud storage (7)
- data security (7)
- AWS (6)
- Education (6)
- cloud services (6)
- Giving Back (3)
- cloud restoration (3)
- compliance (3)
- data (3)
- assessment (2)
- business (2)
- chief information officer (2)
- client satisfaction (2)
- cloud data recover (2)
- cloud dr (2)
- critical power exchange (2)
- cyber (2)
- cyber responsibility (2)
- data recover (2)
- datacenter (2)
- duo security (2)
- end-to-end encryption (2)
- hackers (2)
- holiday season (2)
- internet (2)
- storage (2)
- 2019 goals (1)
- Android (1)
- Arts (1)
- Business Continuity (1)
- CASBO (1)
- Cisco Cloud Web Security (1)
- Cisco Security Intelligence Operations (1)
- Custom Design (1)
- Graphics (1)
- Protelligent (1)
- Virus (1)
- account protection (1)
- advanced persistent threats (1)
- alien vault technology (1)
- alienvault technology (1)
- antivirus program (1)
- antivirus software (1)
- apis (1)
- apt (1)
- attachment (1)
- attack (1)
- automatic updates (1)
- awareness (1)
- backup (1)
- benefits (1)
- best practices (1)
- bot-driven attacks (1)
- bring your own device (1)
- bug (1)
- business growth (1)
- byod (1)
- california joint powers insurance authority (1)
- california jpia (1)
- check cashing (1)
- cisco (1)
- cjpia (1)
- client testimonial (1)
- cloud backup vs cloud storage (1)
- cloud computing services (1)
- cloud conversion (1)
- cloud migration (1)
- cloud recovery (1)
- community link consulting (1)
- compliance program (1)
- compliance regulations (1)
- computer science (1)
- computer security (1)
- computers (1)
- contain attacks (1)
- cost of cybercrime (1)
- cost of data breach study (1)
- critical power (1)
- critical power products & services (1)
- customer testimonial (1)
- customer testimonial video (1)
- cyber liability (1)
- cyber-threat (1)
- cybercrimes (1)
- cybercriminals (1)
- cybersecurity program (1)
- data access (1)
- data breach (1)
- data breach protection (1)
- data center (1)
- data encryption (1)