Creating a COVID-19 Cyber Security Plan

Liz Alton

As everyone adapts to a new way of working in the face of coronavirus, the rapid increase in remote work has created unprecedented challenges for IT teams and employees. One of the biggest areas of concern? Cyber security. The best way to combat this is with a COVID-19 cyber security plan.

A study from Security Magazine found that half of business owners are concerned that having a large-scale remote workforce increases the risk of cyber attacks. In a study conducted by CNBC, one responding security officer explained that his organization had seen phishing and hacking attempts increase by 40% since the start of the coronavirus crisis. 

Your mostly in-office data and security plans may not be enough to help you adapt to today’s fast-changing landscape. It’s time to determine whether your cyber security plans need an upgrade to flex with a remote workforce. Here’s a list of best practices and tools to help you quickly and efficiently adopt cyber security best practices when some or all of your team is working from home. 

Prioritize Patches and Security Upgrades

The reality of suddenly deploying a remote workforce creates a significant amount of work for IT teams, administrators, and employees across all departments. As a result, routine network patches, operating systems patches, and ongoing security upgrades may be delayed or overlooked, creating security vulnerabilities that cyber criminals can exploit. There are a few steps you can take to ensure this doesn’t happen:

  • Prioritize network and data center patches, or partner with a managed services provider to oversee this aspect of your infrastructure management.
  • Require all employees to install the latest operating system patches to their devices, including computers and mobile devices. Consider a company policy that automates accepting all future updates.
  • On a weekly basis, remind employees about any patches that have come out or security updates they need to install.
  • Consider managed network solutions and data center solutions that build in a layer of cyber security protection, as well as leverage remote monitoring, AI, and other tools to identify and eliminate threats before they land in your inbox or penetrate your network.

Ensure Good Cyber Hygiene

Another step you can take is ensuring that your employees follow good cyber hygiene at home. Whether they’re using their own devices or connecting company devices to a home network, some factors to consider include:

  • Require that home networks are password protected.
  • Implement password best practices across your organization’s systems and assets, including requiring strong passwords and frequently passwords changes.
  • Enable two-factor authentication to key applications and employee devices to help increase security. Solutions such as Fortinet remote tokens can increase the security of cloud applications.
  • Ensure that all employees are using anti-virus software on their computers, tablets, and other mobile devices, and that automatic updates and regular scans are enabled.
  • Consider a managed security solution from a trusted partner. It can help to have back up, to keep an eye on things and make sure everything keeps running smoothly.

Invest in Secure Software and Collaboration Tools

If your team has access to secure remote working solutions and collaboration tools, they’re more likely to help keep your organization’s data safe. Here are some industry-leading options that can help you empower your team while keeping cyber security goals front and center:

  • Collaboration tools: Headlines have exploded with cyber security concerns associated with Zoom as businesses and employees find ways to connect virtually with colleagues and clients. Consider investing in business-level solutions that give you visibility and security control. Microsoft is offering a free six-month trial of Office 365 E1, which includes Teams, and lets you bring together all your Microsoft Office 365 features into a single messaging application. Cisco Webex is providing 90-day free licenses to companies that have made the leap to remote work abruptly. Now is a great time to tap into the industry’s leading remote work and collaboration tools, to not only support productivity but to help eliminate security concerns as well.
  • File sharing: Encourage employees to leverage a secure file-sharing application to send data. Doing so will both help protect information and make it easier to eliminate risky behavior—such as downloading attachments or clicking on unknown links.
  • Email security: In a remote work environment, messaging and email become vital lines of communication. Providers such as Mimecast offer email security solutions that can help you identify attempted hacks before they reach your inbox.
  • Virtual private networks (VPN): These enable your workforce to securely access your network from any device. There are a number of offers you can consider if you’re looking for the right VPN; contact us for more information.
  • Disaster Recovery as a Service: When your team is disbursed, your backups and disaster recovery strategies become critical. We’ve already highlighted why it’s important to backup your business resiliency planning for the year ahead and determine whether a Disaster Recovery as a Service partner or other solution could help add a layer of security in the event of an incident.
  • Connection partners with a vast number of providers. We work with our partners to offer a wide array of extended free trials on tools to make remote work easier. You can find the list of free offers we can help you implement in this blog.

Invest in Cyber Security Training

Helping your team be successful with remote work can go a lot smoother with the right training and tools. A strong offense is your best defense with cyber security, and training your team is a vital part of long-term cyber security health. Yet, Security Magazine reports that, due to the rapid nature in which many organizations had to deploy remote work during this crisis, just 22% provided their employees with targeted cyber security training. The Cyber Readiness Institute created a checklist to help organizations that are securing and training a remote workforce.

Now is a great time to invest in training your teams. You can contact us to discuss programs that can help, but here are some effective basics to keep in mind:

  • Establish and reinforce company policies to access business assets and programs only on authorized computers with active anti-virus and malware protection.
  • Encourage employees not to use company devices to complete personal tasks, and never allow a non-employee to access company computers, systems, or mobile devices.
  • Reinforce best practices for email and Web behavior, such as not downloading attachments, clicking links, or visiting websites without first verifying that they’re safe.
  • Raise awareness of phishing and social engineering attacks and remind employees of best practices to avoid phishing.

During social distancing, the ability to keep your team working safely is key to serving your customers and keeping your business moving forward. Preventing hacking, phishing, and other cyber security risks is challenging. With the right tools and strategies, you can make sure your security plans are remote ready. And if you’re not sure where to start—or need support in creating a laser-targeted plan to help eliminate risk—we can help.

Contact us today to discuss your unique needs, learn more about the tools on the market—including many free offers during the coronavirus crisis—and find out how our experts can help you identify and deploy the solutions you need to support a secure remote workforce. Call us at 1.800.800.0014 for help achieving your cyber security goals.

Liz Alton is a B2B technology and digital marketing writer and content strategist. She has worked with a variety of brands including Google, Twitter, Adobe, Oracle, and HP, and written for publications including Forbes. She is a regular contributor to Connected, Connection’s official blog.