With the arrival of summer, teleworking becomes the priority option for many workers, but it is necessary to take into account the risks and threats involved in moving the workspace to a new location.
Before the pandemic, cybersecurity started to be considered as a fundamental area in a company. But it’s really after the implementation of teleworking during confinement and the cyberattacks that many companies suffered, due to the exposure of their devices, that IT teams are increasingly focused on raising awareness among their workers. The objective is clear, shield each access point to the business network and monitor it to avoid active threats, making remote work a secure and flexible option.
“At the time the health emergency arose, companies had to apply various measures to continue operating from home, but, although the crisis passed and companies returned to normality, teleworking has remained in many cases. In the first instance, it is the companies that are taking measures to increase their levels of cyber protection, but in addition to that, users can also take measures that accompany them and that allow them to telework from wherever they want while maintaining protection”, explains Chester Wisniewski, Field Sophos CTO.
Flexibility or family reconciliation are some of the advantages offered by this modality, so it is not surprising that it is an option that many workers choose for the summer season. Although at an operational level changing workplaces seems simple, it is important to take into account a protocol for prior actions. Cybersecurity experts at Sophos, a global leader in innovation and delivery of cybersecurity as a service, offer five steps to take to avoid risk and concern in what should be a happy and pleasant time:
1. Previous preparation. Just as you must prepare your devices and materials to establish your office in the new destination, you cannot forget to condition them internally, for this, check that your devices have the appropriate security software installed and that they comply with the compliance policies and security of your organization. solutions are patched and protected.
2. Training. Most cyberattacks start with a vulnerability in the weakest link in the chain, that is, the users. Workers can be the gateway used by attackers to access the rest of the company’s devices. This makes it necessary that, as a worker, it is important to acquire basic knowledge to know how current and identify in time if you are being attacked, either by your company or by your own account.
3. Double check. If you receive an unexpected communication from a coworker or business that seems out of the ordinary, don’t respond directly, rather contact the person or organization using another communications method like phone or SMS to ensure they are who they say they are.
4. Apply updates as soon as they are available. This is easiest on our phones and computers as we are usually prompted to update them, but don’t forget your internet router and smart home things. It is a good practice to check them all for available updates at least once a quarter.
5. Don’t forget to keep the “essentials”. Finally, despite carrying out all the previous steps, we must not forget the most basic protection measures that represent the entry barrier. First, set unique passwords for all your accounts and use a password manager to help keep them long and secure. Ideally, use multi-factor or “two-step” authentication wherever available to provide additional protection.
“Today most devices are used when connected to the internet, so you have to maintain a mindset where devices are considered to be in a hostile environment at all times. The idea that the safe space is inside offices and the insecure one outside is outdated. Now, anywhere you can suffer an attack, but it is true that sometimes when we move along with our workplace we do not take the necessary tools with us, so it is important to be vigilant”, adds Chester Wisniewski.
