With more remote work expected to continue, the new normal of everyday office work looks like it will still happen in the home or from anywhere that workers have internet access. It is thus vital to relook at some of the security mechanisms in use and how you intend to keep staff and company communications and data safe.
At the peak of the global move to remote working, there were over 1.5 billion people working in this manner. The general process has been for companies to provide access to office data and systems in the cloud, through platforms such as Office 365 and Google Workspace. This mode of work allows for the employee to simply access the system, and send and receive information from anywhere with an internet connection. There are certain expected security protocols implemented with these setups, but the main focus has been the company data and access to this information in the cloud.
However, it has been shown that the weakest attack vector is the simple email.
Email hacks have cost UK businesses a total of £3.8 billion in the year to February, 2021. There are many more reported instances of these hacked accounts then being ransomed or being used to create intricate fraud and money laundering rings.
How to deal with email hacks: There are some creative email tips and tricks as to how this can be prevented and avoided. But the main thing to do is to update your security settings and change your passwords and then keep an eye on your sent mail.
This is the catch-all term for all malicious software that is used by cybercriminals to extract data that they can then leverage for financial gain. Viruses and worms can be sent through the email system or infected links are sent using a hacked account to unsuspecting recipients from the company address book. Such Trojan horses and spyware can then be used to access secure information across the entire system and all the related accounts that the email is sent to.
How to deal with malware: Ensure that you and your remote employees practice password cycling. The passwords must all meet the standards for strong passwords and must be changed regularly. The result is that even if a password is compromised, it will only allow access for a limited time.
Spam is a huge waste of employee time and resources and is the main access route for malware and viruses onto a company’s systems. It is a term that refers to all types of unwanted, unsolicited digital communication that gets sent out in bulk. It is generally sent via email, but can also be sent as texts and messages. This bulk communication is the main form of Spam, but it has also started becoming more sophisticated, with more genuine individual emails being sent to trick users into clicking on a link or downloading viruses.
How to deal with spam: Your company’s IT professionals must implement a spam scanner for all emails and e-communications. Emails with even a hint of malware and any suspicious files must be blocked and prevented from being opened.
Using computers, telecommunications and social media messaging and emails, the scammer or fraudster convinces the victim to provide sensitive information. So, it could be an email asking you to confirm your company’s bank details or it could be as simple as confirming your manager’s phone number and email address. Phishing is a real concern and although it seems quite a simple trick, it is effective in convincing many people.
How to deal with phishing: This is one of the most basic means of obtaining access to the system. Employees and all users must be informed and updated as to the latest scams and cyber-crime attempts. No information should be given out to anyone who can’t prove their access rights. Regardless of how simple the request may seem, if it is from an unknown source then no information should be divulged.
Email security is often neglected in favor of network and data security, yet if remote workers are educated in this regard they will be more able to detect a possible security risk and breach. This article highlights some basic steps that could save you and your business a great deal of time, money and damage. Constant vigilance may seem like an overreaction, but there are many instances of a breach causing immense damage.