With the decision of the governments to close educational institutions and workplaces in an effort to limit its spread COVID-19/Coronavirus, many of us will need to connect remotely to work / school networks, further burdening online resources.
We will also see many who are accustomed to the protection offered by a corporate / training network working remotely for the first time. This, combined with occasional attacks by digital criminals exploiting people's fears about the disease, could create a "perfect storm" for criminal activity.
Working or training from home for the first time can seem daunting, especially to those who are not accustomed to being responsible for their own digital security. Connecting remotely to school or work networks offers flexibility in where and how we work, but can also present some challenges and potential security risks.
In addition, many organizations are not telework-oriented and thus try to understand the challenges in real time, under exceptional circumstances, while for some it is more common and an opportunity to review security around remote access to corporate systems.
Once a device is found outside the corporate network infrastructure and connected to new networks and WIFI, the risks widen and increase. Here are some simple steps that users and organizations can take to reduce the digital risks associated with remote connection.
Tips for users:
- Protect all your devices with a trusted internet security product, including portable devices.
- Always apply the latest updates to your operating systems and applications as soon as they become available.
- Use only applications from trusted sources, e.g. Google Play, the App Store or the trusted educational portal you use or those provided to you by your work or educational institution.
- Use only trusted networks for online activities. If it is not your network and you need to connect to the internet, use a VPN (Virtual Private Network) to secure your connection.
- Always enter web addresses. Do not click on links or attachments and do not reply to spam.
- Back up your data regularly to an offline drive to avoid losing your job.
Tips for organizations:
- Provide a VPN so that staff can connect securely to the corporate network.
- All corporate devices - including mobile phones and laptops - should be protected with appropriate security software (eg to allow data to be deleted from devices that have been reported as lost or stolen, separating personal and work data and restricting applications that can be installed).
- Always apply the latest updates to operating systems and applications.
- Restrict the access rights of people connected to the corporate network.
- Make sure staff are aware of the risks of responding to spam.
"We encourage organizations to be especially vigilant at this time and to ensure that long-distance workers show the necessary care. Organizations should communicate with employees clearly so that they are aware of the risks and do what they can to facilitate teleworking for those isolated or connected from home. ”
"Apart from the increase in teleworking, we have also found that cybercriminals are trying to exploit the virus by hiding malicious files in documents allegedly related to the disease. So, with this opportunistic approach from criminals, combined with changes in work habits, businesses need to be very careful at the moment, "says David Emm, principal security researcher, Kaspersky.