8 Cyber Security Tips to Keep You Safe in the Mobile World

In this time of unprecedented uncertainty one thing is certain, a remote workforce. As we all shelter at home and social distance to stay safe we all must accept the new norm of “working remotely”. Tele-work is nothing new, however having most of the countries workforce utilizing home networks and personal devices to facilitate that work is. No doubt cyber-criminals are ramping up their attempts to tap into this new work situation, which means you need to take as many precautions as possible. Here are eight ways companies and individuals can stay safe and as secure as possible while working in this new norm.

  1. Training employees in proper security practices is critical. Most malware, whether it is ransomware or keystroke logging programs that steal personal information stored on the company’s computer for purposes of identity theft, is downloaded as a link or attachment in a phishing or more specifically targeted spear phishing email. While security software will recognize and block many spear phishing emails, it definitely will miss many others. It is critical to train and remind employees about recognizing and avoiding spear phishing emails and never clicking on links or downloading attachments unless they have been confirmed to be legitimate.
  2. Uploading sensitive data to cloud storage providers like Dropbox, Google Drive, etc. Any small business who is using cloud storage for sensitive information should consider locally encrypting files and folders before uploading them. Just because your files are “in the cloud” doesn’t mean they are totally safe and secure.
  3. Allowing remote workers too much freedom in how and where they access the internet. Technology is beneficial for businesses as they can operate with a flexible, mobile workforce to reduce overheads and boost productivity, but it isn’t without risk. Connecting to enterprise and client data over unsecured Wi-Fi networks and from poorly-secured devices can bring significant threats to the security of your business.
  4. Reusing identical passwords and not using two-factor authentication. It might seem like a hassle to set up a password manager or two-factor authentication for employees (and train them on using it), but it’s far more hassle to have to clean up if someone’s details are compromised. Make users select difficult passwords, or better yet, longer passphrases that they can remember but aren’t easily guessable.
  5. Have a cybersecurity or IT audit conducted by a third-party expert. Pricing is usually based on the size of the company having the audit performed, as well as the complexity of their environment and is usually one tenth or less of the cost of remediating an incident. Better to pay a small fee upfront to find the vulnerabilities before having to pay a large fee to mitigate an outbreak.
  6. Anything connected to the internet poses a threat to cybersecurity. Therefore, make sure that you have changed the default password on all your Internet of Things devices. At home we have multiple IOT devices such as Amazon Alexia, Google home mini’s, Fire-TV Sticks, Nest Thermostat’s, and a host of other wearables and tracking devices. A weak or default password allows an attacker to gain access to your network and possibly your corporate device while working remote from home.
  7. Shred all discarded documents that contain sensitive information. We don’t often think of the physical piece of paper these days with most of our world being digital. However, many businesses’ still have paper copies of sensitive data that could be left un-attended at home workspaces or on our desks. It’s important to understand the types of PII data that could pose a risk if left behind and not destroyed, data theft doesn’t mean just digital data.
  8. The tremendous threat of ransomware is getting worse. Along with properly training employees to avoid the spear phishing emails that may contain ransomware and using proper security software, the best defense against ransomware is to make sure you back up all of your data daily on a couple of different platforms, such as in the cloud and on portable hard drives. If you use a local backup device like a USB data stick or external hard drive, disconnect it from the PC once your file backup has completed. If your PC is infected by Ransomware, your data backups will remain safe and restorable.

For more information on how to keep your data safe, please contact Ryan Carter at rcarter@manersolutions.com.