The New Frontier of WFH: Good Security Habits

There are good and bad habits we all have, created over time that become part of our routine. Due to COVID, new ways of working and WFH lifestyle were forced to be adopted around the world. With new environments that many companies have not had much if at all experience of, this results in insufficient preparation and training for employees as well. Instead of designated work computers, many if not most use their own devices to manage both work tasks as well as personal, which can lead to many issues.

Not everyone is in the tech sector, let alone in sectors of cloud tech and security. Many are unaware of the risks and threats they may face as they go about their daily activities. Saved autofill passwords, kids unknowingly going to unsafe sites, outdated or even lack of security software, and more. They could not only be putting company files in danger of ransomware but their info at risk as well.

As a result, companies are encouraged to have their IT departments aid and guidance to the things that should and should not be done while employees work from home. “Don’t click suspicious links; ensure your system, antivirus, and applications are patched and updated regularly; don’t send sensitive work information through your email account; etc. Since you can’t put up posters in the lunchroom while everyone’s at home, it’s also important to establish, communicate and set expectations repeatedly around your organization’s cybersecurity policy,” says Paul Vallee of Security Boulevard. Many either are not aware of the importance of their digital habits or unsure what to do to minimize the security vulnerabilities they have working from their personal computer.

Although the IT sectors of companies have been at a disadvantage without their usual resources and ability to provide on-site help, this does not mean that they are unable to provide support to the members of the company. Sue Poremba of Security Intelligence stresses the aspect of training as a fundamental part of IT, with courses being an option. “Employees need more frequent training sessions and more hands-on sessions to understand the importance and urgency of practicing good security habits…The SANS Institute, for example, developed a Security Awareness Work-From-Home Deployment Kit that ‘…provides a step-by-step plan to quickly execute an awareness initiative to secure your remote workforce, including how to identify what to teach your workforce, the top three risks to focus on, what departments to coordinate with and how to effectively engage and communicate to your workforce.’ Having these modules designed for remote work means security teams can create awareness programs for the current situation.” Results from cybersecurity research have provided analysis firm Canalys with the following conclusions: “Organizations had to implement business continuity measures quickly in response to the COVID-19 pandemic or risk going out of business… these measures were often at the expense of cybersecurity and bypassed longstanding corporate policies, leaving many exposed to exploitation by highly organized and sophisticated threat actors, as well as other more opportunistic hackers…employees now accessing company information from many different locations, and more data being stored and processed outside of traditional, office-based IT environments, new security measures are needed.”

Puffin Secure Browser has the solution to these security vulnerabilities. Visit https://www.puffin.com/secure-browser/ to learn more.

Sources:

• https://securityboulevard.com/2020/06/4-ways-to-keep-company-data-secure-during-wfh/
• https://securityintelligence.com/articles/how-working-from-home-changes-cybersecurity-awareness-training/
• https://www.zdnet.com/article/billions-of-records-have-been-hacked-already-make-cybersecurity-a-priority-of-risk-disaster-warns-analyst/