Working in the tech sector for over 20 years and focusing on cyber security, we’ve advised many on current threats facing businesses in the connected world that not everyone would normally be aware of. With the Covid-19 outbreak and the rush for everyone to work remotely one thing is clear: This is an absolute perfect storm for hackers – many of which are already taking advantage of the opportunities for ransomware payments, stealing sensitive corporate and financial data, and more.
Beyond the obvious workflow, management, and connectivity challenges – there are inherent security risks that open vulnerabilities for businesses with remote workers:
- Many remote access apps lack security controls and VPN connections are typically set up ad-hoc without proper security guidelines.
- There are many home WiFi networks that remain unsecured, or remote workers are using unsecured public WiFi at local coffee shops etc.
- Few home computers/personal laptops have sufficient antivirus/malware software or have allowed their updates to lapse.
- Very few homes have an adequate and up to date firewall.
- Many home users don’t keep up with the latest Windows or OSX security patches on their devices.
- Backups of personal devices are not being managed by qualified IT staff.
- Multiple unsecured personal devices: mobile, PDA, etc. are being granted full access to corporate data.
Combine all of this with the rush to have people working remotely; IT staff will be overwhelmed and there will be a lot of room for error.
Scams targeting remote workers via phishing and other means (even SMS, iMessage, WhatsApp, WeChat and others) will be also increasing significantly. On Friday, the Department of Homeland Security’s cyber agency (CISA), issued an alert pointing to specific cyber vulnerabilities around working from home versus the office. Not only can remote workers put their own privacy at risk but working from home can result in breaching company security as well.
There are many things your company can do to protect against the onslaught of cyber attacks that are happening right now. Please contact us if you’d like a consultation or just want to learn more. Even if you don’t use our services to help, please talk to your IT teams about securing your infrastructure today.
PLEASE DO NOT UNDERESTIMATE THIS DANGER TO YOUR BUSINESS.
Thanks and be safe!