Simple Steps to Secure the Remote Workforce

It’s safe to say that everyone is feeling pretty uneasy right now. Our reality is changing dramatically, as each day brings a wave of new information. Suddenly we’re all indoors as much as possible, and if we’re lucky, working remotely.

Remote work presents a unique challenge as businesses must trust that employees will be extra careful in keeping the companies data safe, despite obvious challenges such as individuals using both company-provided and personal devices, and corporate information being shared over potentially unsecured WiFi connections. On top of this, hackers are launching targeted email phishing scams, with links posed as important COVID-19 information, that actually hand over passwords and other important personal information of susceptible users.

As the workplace becomes virtual and these new risks arise, additional security policies are essential. Here are some simple tips to keep the remote workforce secure during this unsettling time.

Keep the remote workforce informed

Internet scammers tend to take advantage of tragedy for their own gain and the current pandemic is no exception. Coronavirus phishing scams started circulating in January, preying on widespread fear and confusion around the virus, and they've only escalated since. With fewer security defenses on home networks than in the office, these attacks are proving successful.

The best defense against any phishing scam is educating employees on the two types of attacks - phishing and spear-phishing. The two threats are similar but different enough to represent two distinct modes of attack, and employees need to be able to spot them.

Phishing involves a hacking technique that casts a wide net by blasting out emails to thousands of recipients. These emails are designed to lure a user into clicking on a URL that leads to a landing page resembling a known brand, which will harvest personal information like login credentials. Think of it as malicious spam. For cybercriminals, captured log-ins and passwords are valuable because they can be used to commit financial fraud or impersonate a user and access corporate computer networks.

In contrast, spear phishing is highly targeted, oftentimes even targeting a single individual. Hackers send emails to specific and well-researched targets while pretending to be a trusted sender. The aim is to either infect devices with malware or convince victims to hand over important information or money.

The bottom line is to make sure employees know to be on lookout for phishing attacks from cybercriminals pitching anything from COVID-19 health information and fake cures to unasked for prompts to log into banking accounts, and to report them to security teams who can work to protect the entire network. Security teams can even alert the staff at large about specific attacks they’ve discovered. Remind your staff never to click on a link they didn’t expect to receive and to be extra vigilant in the evenings — it’s hard to "turn off” when working from home, and getting a random work email at night when you may be distracted may cause an unforced error.

Require a password manager

With companies implementing new services like video conferencing and virtual collaboration software, employees need to remember even more passwords. The biggest risk with this is password reuse. Creating unique, secure passwords is a great way to ensure hackers can't manage their way into your accounts, but that's often easier said than done. A password manager, however, automates password management for you, housing all of your passwords, as well as other information, in one convenient location. This means they will do all the work of creating complex passwords needed to protect online accounts from hackers. As an added layer of protection, they can also offer two-factor authentication, where a unique, one-time verification code is sent to your phone or security token when you log in.

Password managers with sharing tools should be prioritized for remote workers. As we all adjust to working from home, we will miss walking over to a coworker’s desk to ask for a company login. Not that this was ever a particularly smart idea. With a sharing tool, you can easily and securely share encrypted passwords with individuals or groups, and say goodbye to passwords sent insecurely over email, SMS or Slack.

VPN security is paramount

If your company has not already invested in a VPN, now's the time. On an insecure internet connection, your browsing activity can be intercepted and exploited both by hackers and anyone who is on your shared network. Including, for example, a family member’s compromised device. A VPN acts as a shield against anyone trying to view or track your online activity and personal data by creating an encrypted connection out of your home network to a known secure network. You can even change your server location for complete anonymity.

VPNs are one of the most time-tested solutions out there for secure remote access. However, if not properly maintained and implemented, attackers might leverage it to get access to important company data. Ensuring that the VPN stack is properly updated, using the right encryption, and continuously monitoring traffic patterns and usage are essential to a secure remote workforce.

It’s hard to juggle the stress of uncertain times and new ways of working. Keeping the remote workforce informed, requiring a password manager and implementing VPN security will only help make this difficult process a little bit easier.

Featured

  • Optimizing Security and Business Performance with Clarity and Control

    In recent years, the security sector has experienced a significant influx of innovative technologies that have fundamentally transformed how organizations design, implement, and oversee their security programs. The widespread adoption of cloud-based infrastructure, edge processing, and AI or machine learning (ML) driven analytics has brought about revolutionary changes in applications such as access control, video surveillance and emerging areas like threat detection and drone identification. Read Now

  • Father of Georgia School Shooting Suspect Charged in Connection With Attack

    Colin Gray, the father of the 14-year-old Georgia school shooting suspect, has also been charged in connection with the attack. The 54-year-old father was charged with four counts of involuntary manslaughter, two counts of second-degree murder and eight counts of cruelty to children. More charges are expected. Read Now

  • Enhancing Security and Business Intelligence

    From border security to parking lots, ALPR has gained traction across multiple use cases as the technology becomes more accurate and affordable than ever. I spoke with Jason Cook, business development director at Vaxtor, a leader in ALPR AI-based analytics, and Rui Barbosa, category manager, Surveillance Products at i-PRO, a maker of AI-enabled security cameras, to delve into the latest advancements and applications of ALPR technology. Automated License Plate Recognition (ALPR) has transformed significantly over the years, evolving from a niche technology into a powerful tool for a wide range of applications, particularly in border security. Read Now

  • Leveraging Smart Sensors

    The integration of smart sensors with data-driven video technology provides schools with a comprehensive solution to enhance safety and security. This combination offers advanced capabilities such as environmental monitoring, audio analytics, vape detection and unified data management, empowering schools to create a secure and healthy learning environment for students and staff. Read Now

Featured Cybersecurity

Webinars

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3