Opinions expressed by londonbusinessblog.com contributors are their own.
Cybersecurity is a $60 billion industry, and it continues to grow year after year. Most companies take extreme precautions to protect their sensitive data and that of their employees. But when you combine the rise of remote working over the past decade with a global pandemic, it throws a real monkey wrench into an otherwise well-oiled machine.
According to Statista, data leaks within the US (where they also happen to be the most common and expensive) cost an average of $8.6 million – enough to bring your business to a standstill. So, how do you keep your proprietary and private information safe? We’ll find out, but first, why are third-party companies much more susceptible to cybersecurity threats and breaches?
- Unsecured Wi-Fi. When remote workers work from anywhere, they actually work from everywhere. That could mean coworking space with secure wifi, but it could also be a coffee shop, an airport or the gym. Whenever your company’s data is accessed through one of these networks, it is at risk.
- Personal hardware. You may have given your employees company laptops and secure server access, but it’s equally likely that they do at least some (if not all) of their work from their personal devices. This also means that a personal laptop, which is much more likely to be left unlocked and left out in the open, could be compromised.
- Insufficient training. If your remote workers haven’t had cybersecurity training, add it to your to-do list, stat. Go over VPNs, authorized use of personal devices, password management and data encryption.
According to Business Tech Weekly, 81% of CIOs said their companies had been the victim of a Wi-Fi-related security breach in the past year (62% of which were from cafes or coffee shops). So how do you keep your remote team from becoming a stat?
Related: Protect Your Business by Becoming a Cybersecurity Analyst
Create a cybersecurity response plan
One weak password can be the only thing standing between your outside company and a serious cyber breach. That’s why it’s critical to have a cybersecurity response plan in place. At a minimum, your plan should cover all the basics of your cybersecurity training, plus how to identify scams and phishing attempts, and what employees should do if and when a breach is suspected.
Make sure your action plan is comprehensive, shared across the organization and quickly accessible when needed. Establish a cybersecurity “command structure” so employees know where to turn if they believe they are involved in a cybersecurity incident.
Adopt a password management system
What do your anniversary, your mother’s maiden name and your children’s birthdays have in common? They are all terrible passwords. And yet they are some of the most widely used. Instead of leaving it up to employees, implement a password management system that ensures your team has access to the software, tools, and resources they need, while protecting your information. In addition to a password management system, when choosing passwords, remind your employees of:
- Use the system-recommended password or choose a password that is unique and contains no known personal information
- Avoid using the same password on multiple platforms
- Change passwords regularly
Related: How to Protect Your Business from Cyber Attacks
Using multi-factor authentication
Multi-factor authentication (MFA) requires authentication of your employees to access sensitive or restricted information. Essentially, they have to provide proof that they are who they say they are. Types of MFA include:
- PINs or verification codes (often sent via SMS)
- Safety questions
- Real-time access requests (an authorized user approves access when prompted)
- Biometrics, including fingerprints, retina or facial scans
- Hardware such as key fobs or badges that must be scanned before accessing secure information
MFA evolves quickly and uses new technologies, so be sure to work with a trusted professional to choose the types of multi-factor authentication for your remote team.
Make common sense a little more ordinary
Hiring a cybersecurity professional can be pricey (although it’s a worthwhile investment), but there are small steps any remote worker can and should take, especially if you need to ensure your data is protected while creating a cybersecurity plan. From now on, make sure that every remote employee takes the following actions:
- Ensure personal laptops are password protected and never left unattended and unlocked
- Turn on your firewall
- Enable encrypted backups
- Use a secure internet connection if you work in a public place, or if you can’t, use a VPN
Whether you’re new to leading a remote team or an old pro, the need for more cybersecurity is constantly growing. And when your employees are working from home, on the road or working from distant locations, a small chink in the armor can quickly deliver a fatal blow. Keep the above tips in mind as you create your cybersecurity response plan and make sure your employees — and your company’s most sensitive information — are constantly protected.