With the decision of the governments to close educational institutions and workplaces in an effort to limit its spread COVID-19/ Coronavirus, many of us will need to connect remotely to work / school networks, further burdening online resources.
We will also see many who are accustomed to the protection offered by a corporate / training network working remotely for the first time. This, combined with occasional attacks by digital criminals exploiting people's fears about the disease, could create a "perfect storm" for criminal activity.
The work or training from home for the first time they can seem scary, especially for those who are not used to being responsible for their own digital security. Connecting remotely to school or work networks offers flexibility in where and how we work, but it can also present some challenges and potential security risks.
In addition, many organizations are not telework-oriented and thus try to understand the challenges in real time, under exceptional circumstances, while for some it is more common and an opportunity to review security around remote access to corporate systems.
Just one device finds itself outside the corporate network infrastructure and connected to new networks and WIFI, the risks expand and increase. Here are some simple steps users and organizations can take to reduce the digital risks associated with remote connectivity.
Tips for users:
- Protect all your devices with a trusted cybersecurity product, including portable devices.
- Always apply the latest updates to your operating systems and applications as soon as they become available.
- Use only applications from trusted sources, e.g. Google Play, the App Store or the trusted educational portal you use or those provided to you by your work or educational institution.
- Use only trusted networks for activities on Internet. If it's not your network and you need to get online, use a VPN (Virtual Private Network) to secure your connection.
- Always enter web addresses. Do not click on links or attachments and do not reply to spam.
- Back up your data regularly to an offline drive to avoid losing your job.
Tips for organizations:
- Provide a VPN so that staff can connect securely to the corporate network.
- All corporate devices – including mobile and laptops – should be protected with appropriate security software (e.g. allowing data to be deleted from devices that have been reported lost or stolen, separating privacy and work data and limiting the apps that can be installed).
- Always apply the latest updates to operating systems and applications.
- Restrict the access rights of people connected to the corporate network.
- Make sure staff are aware of the risks of responding to spam.
"We encourage organizations to be extra vigilant at this time and ensure that remote employees demonstrate the necessary caution. Organizations should communicate clearly with workers so they are aware of the risks and do what they can to facilitate telecommuting for those who are isolated or connected from home.”
"Apart from the increase in teleworking, we have also found that cybercriminals are trying to exploit the virus by hiding malicious files in documents allegedly related to the disease. So, with this opportunistic approach from criminals, combined with changes in work habits, businesses need to be very careful at the moment, "says David Emm, principal security researcher, Kaspersky.
