The sudden and significant transition to remote work is an opportunity to remind the workforce of important security best practices No matter where employees work, IT security is critical. Yet maintaining and protecting a remote workforce — especially on a large scale — presents new challenges.

Source: https://www.cio.com/article/3536832/how-to-reduce-remote-work-security-risks.html

The sudden and significant transition to remote work is an opportunity to remind the workforce of important security best practices No matter where employees work, IT security is critical. Yet maintaining and protecting a remote workforce — especially on a large scale — presents new challenges.

The good news: Many security practices that work in the traditional office environment also apply to work-from-home scenarios.

That said, now is the time to lock down remote security measures and take advantage of implementing robust tools. Here are some best practices to reduce remote work security risks, while ensuring the safety of employees, their devices, and corporate systems.

Ensure protected access. If your company hasn’t moved to multifactor authentication (MFA), now is a good time. Protecting identity and access across remote locations is made easier with this technology, which requires two or more identity-driven credentials to grant access to applications. To reduce the potential impact of unauthorized attacks, some solutions like email and banking software enable MFA capabilities as part of their services.

Another easy win is to always encourage employees to change default passwords to strong passwords (think long in characters, 12 or more) that are unique to each account) . Home routers, computers and software should all be updated to the latest versions and operating systems which tend to include security patches. This helps to prevent others from being able to tap into home-based wireless networks.

Similarly, computers, laptops, and mobile devices that access corporate applications and networks should be password protected with stringent requirements. Common and easily guessed passwords should be avoided.

Be aware of potential phishing emails. For example, cyberattacks have doubled with the COVID-19 outbreak, according to a Reuters report. Bad actors take advantage of fear, confusion, and the preponderance of people working from home to launch new phishing emails and malware.

Employees should ask themselves: Do I recognize the sender and was I expecting this email? Is there a sense of urgency for my attention? Are there links and attachments in the email? They should be advised to not click on any links or open any attachments until IT or Security can verify the email is legitimate.

Ensure safe downloads and file sharing. Employees should remain cautious of downloading random applications or software to avoid malware, viruses, or insecure protocols. If they’re unsure, they should check with IT support or their Security team.

Also, remind remote workers to be careful when sharing confidential data. They should use company-issued apps for file sharing, storage of confidential documents, and communication. Let them know this is for their own safety, too, that the company has protective measures around these apps and can monitor for suspicious behavior.

Click Here to view source CIO post.