With the global spread of COVID-19, many companies have resorted to remote work for their employees. Many companies resorted into using a remote desktop software so that they would be able to have their employees access the companies’ computer. While this is a great way to maintain productivity while taking the health and safety of staff into account, it does mean that an organization’s data security may have taken somewhat of a backseat, especially if a company has never previously had any employees working remotely. These unprecedented times have resulted in hackers being more brazen than ever to attempt to swindle victims, and so it is wise to review the tips and best practices for cybersecurity with your remote staff.
Make use of Two-Factor Authentication
Two-factor authentication has become something of an online security trend over the last few years. Two-factor works in a way that prompts you another security feature upon entering the correct password.
While cloud-based software platforms have been of benefit to people working remotely, it is possible for someone who is not an legitimate employee to impersonate a user and gain access to the company data. This can occur when weak passwords are used. This makes two-factor authentication an important and useful tool for remote workers using cloud-based software, and it is recommended that it be implemented as a standard practice on all company devices. Two-factor authentication essentially means that a user must provide two methods of identification before access is granted; for example a password is used in conjunction with a cellphone that generates an OTP (one time pin). This method of authentication can maqke it much more difficult for potential hackers to gain access to your accounts.
Knowing How to Identify Phishing Attempts
Phishing is a method of gathering personal information from victims by using deceptive e-mails and websites; it has long been one of the most widely used and successful methods by cyber attackers. One of the most common approaches is to spoof a real business or person and send an email which contains a malicious link or attachment to an unsuspecting employee, with the aim to gain access to their accounts. Unfortunately hackers tend to take advantage of times of crisis, especially since many employees are currently working remotely.
According to the security company KnowBe4, here is a list of Top-Clicked Phishing Tests:
Demographic from KnowBe4
Educating Employees to Detect and Identify Potential Risks
- Don’t click on links from people you don’t know. If there is any doubt that an email you receive might be malicious, don’t open any attachments or links.
- Verify the email address of the sender. A common trick used by hackers is to replace one letter with a similar-looking symbol or number (e.g. [email protected])
- You don’t know the sender or have not had any previous dealings from the company. If this is the case, be wary of opening any links sent.
- The message uses a generic name instead of your proper name or uses incorrect grammar and spelling. This can be a telltale sign of a potential risk.
- The email asks for personal information, including passwords, addresses or PINs.
It is wise to have a company-wide plan in place for reporting suspect emails. Train employees on what to do and how to report a suspected phishing email. This can include forwarding the email to a secure phishing inbox that your security team has set up or just notifying your IT team and asking what to do with the email and how to handle the situation. If there is any doubt, it is best to ask your IT team to investigate it.
AeroAdmin is recommended for remote work as it contains security features that would ensure that working remotely is as safe as possible. Given the circumstances of today’s situation, it would be best to secure your company with full-featured remote desktop software.