With teleworking on the rise, cybersecurity can't be ignored

With the coronavirus outbreak, many people are teleworking or working from home in the interest of social distancing. While this may keep the virus from spreading, computer viruses and hacking can still be a threat, especially if teleworkers are not careful. Taking effective cybersecurity measures, then, becomes important.
 
Needless to say, COVID-19 has become a pandemic. At the time of this article, there were 536,820 confirmed infections and 24,117 deaths, according to Worldometers. In particular, the U.S. at the time had 85,612 confirmed cases, surpassing China to become the world’s No. 1 in terms of infections.
 
Since the disease is spread mostly through respiratory droplets between people close to each other, social distancing is strongly encouraged to prevent the disease’s transmission. This, then, has significantly altered the working habits of people, more and more of whom are now working from home or at a remote location.
 
However, when people work on their own without protective measures that they would otherwise have in the office, they stand vulnerable to another type of virus – computer virus – as well as hacking, intrusion or other cyber-threats from hostile actors. In fact, Recorded Future points out that COVID-19 has been primarily used as a theme for phishing lures by cybercriminals, a lot of whom use the branding of “trusted” organizations, such as the World Health Organization and U.S. Centers for Disease Control and Prevention, in these attacks as they try to get trusting users to open attachments or click on the link.
 
Cybersecurity, then, has become quite important amid an increase in teleworking, and there are important guidelines for both companies and teleworkers to follow. Some of these are listed below.
 

For companies

 
For companies, they should formulate a well-considered security policy for teleworking. One is issue company laptops or phones. “You can’t count on employees to keep their own personal laptops or phones clean of sneaky malware or insecure apps for personal use,” according to Applied Innovations. “Company-provided laptops or phones can be kept much more secure. Not only will you have greater reasonable control over what is installed on the devices, but employees will also have an easier time remembering not to download potentially insecure personal-use apps.”
 
Also according to Applied Innovations, when employees come to the office from time to time they should be asked to do device scans to make sure no viruses or malware are embedded. Cloud and encryption, meanwhile, are also advised. “A DMS (cloud file storage) ensures that your employees never download an infected file directly. Encryption puts all your data into an unreadable code. Even if a hacker steals your data, they won’t be able to use anything encrypted because they don’t have the encryption key,” the company said.
 

For teleworkers

 
For teleworkers, they should of course follow the security policy set forth by their companies. The National Institute for Standards and Technology (NIST), meanwhile, also provide some guidelines:
 

• Protect computer communications from eavesdropping: If Wi-Fi is used, it should be using “WPA2” or “WPA3” security, and the password should be hard to guess.

 

• If the company has a VPN, that should be used on the telework device for stronger protection.

 

• If the worker’s own computer or mobile device is used, the basic security features should be enabled. Any PIN or password should be hard to guess.

 

• Keep the computers and mobile devices patched and updated. “Most provide an option to check and install updates automatically. Enabling that option can be a good idea if you don’t want to check for updates periodically,” NIST said.

 

• If unusual or suspicious activity on the telework device is detected, ask for help — better safe than sorry.