Reducing Cyber Security Risk for a Remote Workforce
March 19, 2021
Companies from all parts of the glass and glazing industry have implemented innovative, out-of-the-box ideas to improve business from the ground up. Here’s an Idea showcases these sometimes small behind-the-scenes ideas that can make a big impact on a company’s bottom line. If you have an idea that you would like to share, contact Norah Dick, firstname.lastname@example.org.
There’s no question that the pandemic has made remote work more of a necessity than ever before, a situation that has led to a rise in cyber security risks. According to “Cyber Security: Protocols for Manufacturers during COVID-19,” produced by the National Association of Manufacturers, the COVID-19 work experience can create unique vulnerabilities for companies, as employees’ home networks may not be as secure as traditional business networks.
What kinds of cyber risk are there?
There are many kinds of cyber security risks. According to NAM’s report, some of the most common cyber threats include ransom or ransomware, an attack during which a third party infiltrates a company’s network, and remotely holds a company’s files or systems hostage, restricting access until the person’s money demands are met. Additionally, a phishing scam can arrive in the form of an email, or attached document, that seems to be from a trusted source but is designed to allow a third party to steal the email recipient’s, or the company’s, information.
What can an employer do?
Update all systems
eSentire, a cyber security firm, recommends that companies ensure that all computer systems are up to date, including workstations and servers. The firm also recommends restricting the downloading of applications.
Create a closed or segmented network
NAM’s guidelines also recommend implementing a virtual private network, or VPN, for home network users. This kind of network is closed, securing it from outside users, and offers a secure and encrypted connection between devices and the company server. A company can also divide its network into several segments that are not connected, which limits the impact of a data breach in any one segment.
Both NAM and eSentire emphasize the importance of employee training. This includes making staff aware of the ways to securely access the company’s systems, and what current cyber threats look like. Sending employees “tests,” such as practice phishing emails, is one tool to gage employees’ understanding.
What can employees do?
Follow email best practices
As stated, phishing scams are a common type of cyber-attack that employees should be aware of. The IT solution firm designData recommends that users always hover over links in emails to make sure they’re legitimate, and to never click on an attachment until the reader determines that the email is legitimate. Users should also distrust emails that have threatening language or ask for personal information, they say.
Follow password best practices
According to a 2019 Verizon data breach report, 81 percent of data breaches resulted from stolen or weak passwords. DesignData recommends that users ensure that all accounts have different passwords, with a length of 15 characters or more. The firm also recommends password managers, such as LastPass, that generate unique passwords for all accounts, as well as two-factor authentication applications that require users to provide two pieces of information in order to access an account.