With the decision of governments to close educational institutions and workplaces in an effort to limit the spread of COVID-19, many of us will need to connect remotely to work/school networks, further burdening online resources.
We will also see many who are accustomed to the protection offered by a corporate/educational network to work remotely for the first time. This, combined with occasional attacks by digital criminals exploiting people’s fears of the disease, could create a “perfect storm” for criminal activity.
Working or educating from home for the first time can seem daunting, especially for those who aren’t used to being themselves responsible for their digital security. Connecting remotely to school or work networks offers flexibility in where and how we work, but can also present some challenges and potential security risks.
Moreover, many organizations are not teleworking-oriented and thus try to understand the challenges in real time, in exceptional circumstances, while for some it is more common and an opportunity to review security around remote access to corporate systems. Once a device is out of corporate network infrastructure and connected to new networks and Wi-Fi, the risks are expanding and increasing.
Here are some simple steps that, according to Kaspersky, users and organizations can follow to reduce the digital risks associated with remote connection.
Tips for users:
1. Protect all your devices with a reliable online security product, including mobile devices.
2. Always apply the latest updates to your operating systems and applications as soon as they become available.
3. Use only apps from trusted sources, such as Google Play, the App Store, or the trusted educational portal you use, or those provided to you by your work or educational institution.
4. Use only trusted networks for internet activities. If it is not your network and you need to connect to the Internet, use a VPN to secure your connection.
5. Always type web addresses. Do not click on links or attachments and do not reply to spam.
6. Back up your data regularly to an external drive that you keep offline to avoid losing your job.
Advice to organizations:
1. Provide a VPN so that staff can connect securely to the corporate network.
2. All corporate devices –including mobile and laptop-computers– should be protected with appropriate security software (e.g. allowing data to be deleted from devices reported to be lost or stolen, separating personal and work data and limiting applications that can be installed).
3. Always apply the latest updates to operating systems and applications.
4. Restrict the access rights of people connected to the corporate network.
5. Make sure staff are aware of the risks of responding to spam.