Cyber criminals are capitalizing on the mass migration of the American workforce to working from home
Corporate Information Technologies has observed targeted campaigns using false Coronavirus tracking apps, misleading national security related news alerts, and numerous health insurance related communications.
Cyber criminals are targeting both corporate and personal devices in an effort to gain a foothold into American’s home network and then indirectly into corporate networks.
This is the time to NOT gamble with your security.
Three actions every user can take to help secure the corporate information assets as employees are working from home:
- Understand the risks present on home networks and take steps to secure them.
- Every device in a network contributes to its security posture. Smart thermostats, light bulbs, kids’ iPads, etc. all contribute to the security of the network.
- Ensuring that every device is fully updated and its default admin accounts use a unique password.
- Where possible running a local firewall service drastically improves end-users’ personal security and indirectly that of corporate assets that are permitted to commingle.
- Communicate official notification channels that will be used by all key corporate services.
- Malicious actors are impersonating HR, Health Insurance, DHS, and targeted employers to attempt to lure end-users by malicious actors.
- Simply communicating what end-users can expect, from whom, and through what channels can go a long way to equipping them to detect malicious actors.
- Establish clear lines and an expectation of security-related activity reporting
- Consider what should an end-user do if they receive a possible fake SMS or legitimate sounding email (phishing) message. Who should they notify and how? Ensure end-users know this and are comfortable making such reports.
- The basic controls of the 20 Critical Security Controls come into play now more than ever as organizations quickly morph and adopt remote workforce practices.
- Knowing what systems are permitted to make connections, what data exists where, who should be able to access that data, and what software applications are permitted to access corporate assets.
- These controls together combat many of the inherent risks that many are confronting in this radical shift.
Employees working from home do not have to be a security issue for your business. CIT is here to help your business stay secure.