sb-as logo
Story image

Remote workers need to improve security measures amidst COVID-19

Technological support and security measures are amongst ways organisations and their employees can protect their business as they move to remote working during the COVID-19 pandemic. 

Digital security firm Avast is providing tips on how people can safely work from home during the outbreak, as more companies across the world make plans to help protect their employees from the coronavirus.

Jaya Baloo, CISO at Avast, shares the following advice companies and employees can follow to keep their devices safe from virtual viruses while they shield themselves from the physical coronavirus:

1. Corporate security measures

According to an Avast survey, an average of 49.75% of people worldwide said they don’t receive the technological support or expertise they need when working from home or in a public place from their employer, which makes security an increasing issue. 

Baloo says companies preparing to send their workforce home should ensure they have the support they need to safely work remotely, and take the following steps:

  • Make sure employees use pre-approved laptops and smartphones to access corporate materials, including their emails, tools and documents. These devices should have business-grade security solutions installed on them and be controlled by the company IT department, if applicable.
  • Arm employees with a list of phone numbers, so they can reach out to a human from their IT team or other responsible person in case they have any IT issues.
  • Inform employees of the hardware, software, and services they can utilize that are not company issued, but could help to connect and share files with colleagues during the special circumstances.
  • Lay ground rules for employees when it comes to using personal hardware while working from home, such as printers.
  • Provide employees with VPN connections they can use to protect their communications
  • Enforce two-factor authentication wherever possible to add an extra layer of protection to accounts.
  • Make sure employees have limited access rights and can only connect to the services they need for their specific tasks, rather than giving employees access to the entire corporate network.
     

2. Measures employees can take

According to Baloo, there are basic measures employees forced to work from home can take to strengthen the security of their home network  which will make working from home safer. 

"Employees should log in to their router’s administrative interface to change the device’s login credentials, and also change their Wi-Fi password to a unique and strong password that is made up of at least 16 characters and which ideally is a passphrase, making the long passwords easy to remember," he says.

 According to the Avast survey, 37.1% of global respondents aren’t aware their router has a web administrative interface where they can log in to view and change their router’s settings. 

"We also recommend users check if port forwarding and UPnP are enabled within their router settings and, unless these are being knowingly used, they should also be disabled," says Baloo.

 "Users can also use features like Avast Wi-Fi Inspector, included in all versions of Avast Antivirus, to check which devices are connected to their network and to check if these are exposed to risks," he says.

"Networks are only as secure as their weakest link, so it is important to make sure all devices connected to the network are secure, as they could be potential gateways for cybercriminals to access other devices connected to the home network," explains Baloo. 

"Wi-Fi Inspector scans the network, checking for devices using ports with empty, default, or weak passwords, and alerts users of these, so they can make a change to secure their network. It also checks IoT devices for passwords that are known to be used by malware botnets in the past, such as the widespread Mirai botnet."

While working from home during the outbreak, Baloo says employees should also be on the lookout for phishing emails related to the coronavirus including spear phishing emails. 

"These can appear to come from within the company, and can include attachments, links, or a request. It’s important for users to verify the sender’s email address or contact the sender via a different channel to confirm the message was sent from them before opening any attachments, links or fulfilling a request," he explains.

Download image
Hardware Security Modules - and why they need to be virtualised
Unbound's vHSM provides advanced key management functionality, as well as easy and secure remote administration support - meaning there is no need for users to compromise on security any longer.More
Story image
Huawei all-flash arrays scoop 'Recommended' rating from DCIG
The DCIG guide has recognised Huawei’s OceanStor Dorado V6 and OceanStor F V5 series, which have both achieved ‘Recommended’ ratings. More
Story image
Improving network security by ‘deflecting’ cybercriminals
Even with the best perimeter defences in place, malicious actors can still gain access to a network and resources connected to it. But a new technique has made it significantly easier to spot these cyber-attackers.More
Story image
Three-in-one cloud security can ease business through difficult times
By leveraging a comprehensive security platform, organisations can block threats and prevent leakage for all interaction between endpoints, devices and apps, writes Bitglass product marketing manager Juan Lugo. More
Story image
A third of millennials think they're 'too boring' to be victim of cyber attack
While many millennials are concerned at how their data is being used and whether they are being targeted by cyber-attackers, according to Kaspersky any potential action taken to tighten their online security is at ‘the bottom of their to-do list’.More
Story image
OkCupid website and app found to have significant security flaws
The popular online dating service has been found to have several vulnerabilities which, if exploited, could put the private data of users in danger of being stolen.More