Today’s COVID-19 pandemic prompted remote work as the new means for employees to continue working and staying productive.
However, cybercriminals continue to victimize more individuals and organizations alike in this new working arrangement.
In light of this, Japanese multinational company Fujitsu has put together the following guidelines to consider when deploying a remote work setup:
- Regular patching is essential. Attackers will continue to exploit the changes in working practices amid the crisis. Fujitsu advised to patch frequently and manage eventual outcomes rather than waiting for months to patch correctly.
- Learn how to spot COVID-19 phishing emails. Businesses must ensure that all of its employees have a better understanding of how internal COVID-19 communications look like and who the senders are, as well as staying vigilant in accessing unsolicited third-party emails.
- Be extra vigilant around C-Suite email accounts. Employees must be trained on how to spot emails, and know how to detect and report potential phishing attempts.
- Targeted security will be required. Organizations must take a risk-based approach to prioritize assets, users, and systems in ensuring that they are monitored appropriately.
- Make cybersecurity education a critical element of a secure remote work setup. Organizations must ensure that employees do their part in keeping the enterprise safe. This includes sharing best practices, providing workers with consistent security awareness training, and allowing workers to report incidents on time.
- Ensure reliable and secure network access. Prevent unauthorized users and devices from gaining access to the company’s network resource. Employees must be well-informed about relevant policies and well-guided on which tools and applications are acceptable.
- Redefine trust for people in the organization. Organizations should adopt the “Zero Trust” model for devices used for employees and operations. For instance, only grant access to business systems when a trusted person with the correct identity and credentials requests it.
- Consider the physical elements of cybersecurity. Provide security equipment aside workspace equipment for remote workers to ensure systems cannot be compromised.
- Collaborate with peers for the greater good. Drawing on external sources of intelligence and inspiration will accelerate the development of an efficient strategy. It will also help ensure resilience throughout the entire supply chain, as well as the industry.