While working from home was the norm in the first year of the pandemic, many companies are now embracing permanencewhich, according to experts, make companies more vulnerable to compared to when their staff is on site.
For employers, securing their data and servers could be one of the most difficult parts of juggling workers in person and remotely, according to Laura Hoffner, cybersecurity expert and chief of staff at the management company. of Concentric Risks.
Mitigating security risks has proven to be a “very big headache” for companies that manage workers logging into company devices from various locations, according to Hoffner. “What you are really seeing is that the vulnerabilities are increasing as we grow this network and more and more people are working from home,” she told CBSN.
In early spring 2020, working from home became necessary to mitigate the spread of COVID-19, which appeared quite suddenly in the United States, forcing office workers to abandon their desks without much preparation.
“The default was, ‘How can we make it as easy as possible for the employee? “Which is an understandable flaw and appreciated by most,” Hoffner said. “Unfortunately, these very crucial security measures which are taken into account from the start – must now be applied retroactively.”
Proven security practices
There are, however, proven security practices that can help keep businesses safe.
- Multi-factor authentication systems, for example, are a good place to start. “Layers. You absolutely have to go through layers of cybersecurity,” Hoffner said.
- Companies should also continuously assess and update cybersecurity measures. “It will be an ongoing effort. Security and cybersecurity in particular is not a one-size-fits-all process. You have to constantly re-analyze what new vulnerabilities are, how new attacks occur, and then educate as much as possible, ”Hoffner mentioned.
- Make sure the Wifi routers are corrected or up to date; never rely on default passwords and install anti-virus or intrusion detection software to minimize risk and use a virtual private network (VPN).
- It’s critical that everyone in an organization is vigilant about protecting their devices, Hoffner said, because one weak link “can really break the chain for the whole business.” Unsuspecting individuals can expose businesses to attack, for example, if they accidentally open a phishing email or lose a device.
“We miss those days when the biggest problem was the physical vulnerability link – you leave your laptop somewhere. But now, unfortunately, it’s really entered the full spectrum,” Hoffner said. “You don’t have to leave your laptop anywhere for it to be vulnerable.”