As a lot of the pandemic security restrictions are being lifted in Utah. One security restriction you shouldn’t let slip is your cybersecurity. Many people are heading back into work and it is easy to let cybersecurity best practices get lost in the shuffle. Just because you are getting a respite from quarantine doesn’t mean companies are getting a respite from cyberattacks. In fact, cyberattacks are more prevalent than ever.
With everyone returning to work, companies should make it a priority to lock down remote access for anyone who does not still need it. While it may not seem like a big deal to turn off people’s remote access right now, it is considered a best practice. This practice is called the “principle of least privilege.”
The basis of this principle is that users are only granted permission to the bare minimum of what they need to do their jobs. This is an extra step to protect against malicious attacks. If a user were to become compromised, the attacker may not be able to view any sensitive data remotely based on the user’s permissions.
Anytime data leaves the protective shell of a company’s internal infrastructure, it instantly becomes more vulnerable. So, having everyone working remotely can pose a big challenge. You should be careful to make sure every precaution is being taken. Were proper channels in place and used during your work from home period? Remote connections are the primary way hackers will get into your system. Ensuring you are properly protected for both remote and in-office work will help keep the hackers out.
Phishing attacks are additional methods attackers use to attempt to enter your network and this pandemic has provided them with easy methods for phishing. From hackers impersonating an executive of the company, seeking help with remote work or claiming to be selling high-quality protective masks, hackers are adapting to the current environment to try to make their efforts more convincing. All it can take is a click on the wrong link for these attackers to have what they need and wreak havoc on your company. You must keep your team educated on these trends, so users are more skeptical when they hit their mailbox.
For anyone concerned about the legitimacy of an email, send it to your IT team. It is better to take the extra time to double-check than suffer the consequences of a cyberattack. A great tip to be extra-cautious is to never click a link inside an email. While you may have an add-on for checking safe links, this habit will help you when you access personal emails too. Instead, just open a web browser and visit a website directly instead of risking clicking on a potentially harmful link within an email.
Whether people are desperately seeking solutions to the current pandemic or distracted by kids or a barking dog while reviewing emails, it can be a lot easier to fall for these scams these days. Cybercriminals will not miss the opportunity to take advantage of the situation. If anything, they will try to target the vulnerable companies and employees. They will try to capitalize on the urgency of our circumstances.
Cybersecurity is a problem for every employee in every company. The weakest point of any system is always the person at the keyboard. If you don’t have regular cybersecurity trainings in place, reach out to IT resources and find out what kind of trainings they can provide. Every single person within an organization needs to build good security habits in order to mitigate the security risks.
If cybersecurity was not a priority for your company before, it needs to be now. Measures to keep your company and its employees safe need to be taken on now, before it becomes a real problem.
Bahar Ferguson is president for Wasatch I.T., a Utah provider of outsourced IT services for small and medium-sized businesses.