Responding to the rapid increase in work-from-home cyber security incidents at small and midsized businesses (SMBs), DIGIGUARD is now focusing its Cyber Threat Protection Services on remote workforce IT security. “Managing and monitoring work-from-home (WFH) employees includes cybersecurity risk management. Controlling network access helps protect valuable business and customer data from cybercriminals,” said DIGIGUARD’s Harvey Yan. At a minimum, Yan urges SMBs do three things:
- Secure and update network perimeter defenses along with endpoints that access the network such as computers, laptops and mobile phones
- Back up and secure business data for recovery in the event of a cyberattack or system failure
- Train employees to recognize and avoid cyber threats such as malware and phishing attacks
When employees shifted to WFH at the start of the pandemic, initial concerns included employee safety and restoring productivity. Hasty setups often neglected basic IT security protocol. SMBs that lack IT security officers or expertise provide cybercriminals with easy access to network business data and invite ransomware attacks. “Securing the network becomes more complicated when workers access remotely. Employees may be using various shared personal computers and mobile devices.” said Yan.
Setting up secure, automated backups Is good “insurance” for businesses. Backup data can be cloud-based or archived off-site. Access to your data is the key to surviving disasters such as cyber-attacks, fires, system failures, or malicious insider threats and sabotage. Ransomware cyberattacks increasingly target small businesses, and having reliable, tested backup data allows you to restore files and productivity after a cyberattack.
Most cyberattacks start with an email. Training employees to recognize and report suspicious emails and activities creates a “human firewall” that can prevent or mitigate damage to your business.
The FBI has seen a 400% increase in cybersecurity attack complaints since the start of the COVID-19 pandemic. According to Yan, “IT security works best with strategically planned layers of comprehensive protection.” Businesses are legally required to protect the private and financial data they collect from customers, patients and employees. Failure to do so can expose companies to fines, consumer lawsuits and loss of card processing privileges or lucrative contracts.