COVID-19's Impact on Cybersecurity for Remote Employees
As millions of Americans are working remotely while we face the COVID-19 crisis, employers are vulnerable to new security threats. Last week, Ralph Russo and Dr. Bill Rials, experts from the Information Technology Programs Department at the Tulane School of Professional Advancement, presented a webinar on these new cybersecurity concerns. Explore the summary below and learn more by accessing the session directly.
Steps for Businesses
Just as we practice social distancing to stop the spread of COVID-19, businesses can sequester programs and data to keep viruses and malware out. Create password-protected segments and give out access only as needed.
Like handwashing removes viruses before they can infect your body, antivirus software shields your network from threats. Update and patch your software as recommended by the manufacturer to keep it effective.
Businesses should caution their users to avoid unknown links. Clicking on unsafe content can leave your sensitive data vulnerable.
Make new security measures as smooth and seamless as possible for employees. Otherwise, remote workers may find a way to circumvent the system and go around security controls so they can more quickly and easily complete their work. However, do not lower existing measures to create ease-of-use, as this will also allow viruses to enter.
Create and circulate a clear policy for remote workers. It should establish how they should access company data and documents from home and inform employees of the do's and don'ts to follow while engaged in remote work.
All remote employees should use secure company-provided computers and devices with preinstalled VPN software. They should not use personal devices for remote work and vice versa.
Update your operating system software to avoid vulnerability. For example, Windows 7 no longer receives manufacturer support and should not be used.
Tips for Employees
As mentioned above, keep your personal devices and work devices completely separate. Remember that privacy provisions such as the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPAA) apply even in your home office. Avoid printing documents with personal information and shred all paperwork when finished.
In addition to patching your computer's antivirus software, you should also ensure your home wireless network software remains up to date. Protect your router or access point. These may become vulnerable. Make sure you contact your ISP to get all updated patches for your router. Always change the default password and make sure your ISP setup at home has a secure password.
Widely distributed Zoom meeting links can allow intruders to crash the meeting or accidentally invite unwanted guests. Create a password and give it only to those who are actually invited to your meeting. Identify any unknown people who pop up in your meeting and remove them.
Companies should also inform employees of common cyber concerns. Warn them about phishing attempts associated with COVID-19, including fake emails that purport to be from the Centers for Disease Control and Prevention or about the government stimulus program.