Protect data during remote-based work
As businesses adapt to having their employees work remotely, there are several things managers and employees should know, according to a Fargo-based online security specialist.
“The biggest issue right now is connectivity to access data,” said Sean Todd, director of security at Network Center Inc. He said a question on people’s minds, especially if they’re not used to working from home, is “How do I do this when I don’t have someone looking over my shoulder and help me through it?”
After COVID-19 was declared a pandemic, businesses went from their normal office routines to sending employees – those lucky enough to retain their jobs, anyway – home to work.
“It quickly went from most businesses not doing remote work to the majority of businesses having their workforce work out of their homes,” Todd said. “It’s one of those decisions that came fast and quick, and unfortunately there wasn’t the ability to do a lot of planning.”
He said many businesses new to remote, home-based work said they’d do the best they can and plowed ahead with the necessity to get things done. But as days have stretched and people have started settling into a new routine, some issues have come to light.
“They’re able to connect, they’re able to start doing video conferencing, they’re able to access their information,” he said. “But the next step is, how do we control that?”
Control and risk
Todd said it’s important that companies evaluate what risks they’re willing to take when employees work remotely, and leverage safety measures as much as possible to protect company data.
“When you’re within the four walls of an office you connect with a server that is internal or resources in which you’re not having to traverse the internet to get to a lot of (applications and data),” he said. “Today we’ve put that on its head and almost all of the resource we’re trying to access are sent across the internet. … So the challenge is how are we securing those communications?”
Some security options include making sure web addresses visit and signed into have a “locked” icon in the address bar, meaning it’s a secure site, and leveraging virtual private networks (VPN) to connect to the home office to retrieve files.
“If we’re not using a VPN what file-sharing programs are we using and are they secure?” he said.
He also said multi-factor authentication is especially important right now. What that means is when signing into an email account, for instance, a pass code is texted to the user to verify that it is the correct person trying to access the account.
He also said business should leverage their password complexity, making sure passwords have a combination of letters, capitals and lowercase, numbers and symbols.
“Don’t use your home password at work,” he said, “and don’t use your work password at home because if it becomes compromised in one area it can become compromised in both pretty easily.”social flow
Connectivity and the end user
The technology that many people and businesses have taken for granted, such as video conferencing tools and mobile applications, has “never been more utilized than they are today,” Todd said.
Because so many people are online and using the same technology some people may experience intermittent connectivity problems.
“Every issue can be slightly different but there has definitely been an increase in the usage of the various video conferencing platforms and at times it has introduced some potential issues with connectivity,” he said. “Some video and audio will cut out.”
But another problem lurks behind the curtain – or in files and links attached to emails.
Todd said scammers have been paying attention to what’s going on in the world and are taking advantage of it through an increase in phishing, in which they try to fool people to click on links or open attachments in an effort to gather personal and company information.
Don’t do that. If an email looks suspicious, it most likely is suspicious.
“People are trying to exploit COVID-19, specifically in light of some of the bills in the House and Senate,” he said. Emails have been sent by scammers trying to fool the user into thinking they’ll be getting a payment in the mail but that they need to click on a link or answer questions to verify their name and address, etc.
“It it looks too good to be true it usually is,” Todd said. “The federal government mostly likely will not contact you through email.”
Some tips are to take a look at the email sender carefully, see what links might be misspelled or replaced. And, he said, it’s always good to verify with the agency or company by calling the proper business number, not necessarily the one attached to an email, to verify if what was sent is legitimate.
The full article will be published in an upcoming issue of Prairie Business.