If COVID-19 has done anything positive, it may be showing the world that working from home is possible when it is necessary. Ultimately, time will tell if that is a good thing or a bad thing. Either way, reliance on technology for work and personal use is now at an all-time high, and telecommunications are quickly becoming the norm. The potential for cyber security incidents, unfortunately, is also rising exponentially. Even now, with COVID-19, platforms like ZOOM are becoming more and more popular for use, and even they have issues with their end-to-end encryption which is causing users and businesses issues all over the world.
Protecting confidential information and keeping work (and personal) data out of the hands of cyber criminals is paramount, and there are some best practices which can be followed to help make that happen:
- Review and follow existing policies regarding the sharing of data and communications protocols inside and outside of the company.
- Make sure all of your hardware and software is up to date. Security vulnerabilities are often patched out relatively soon after they are discovered, but that makes no difference if the software that is vulnerable has not been updated to reflect those changes.
- Be prepared to deal with IT issues. This is something which is going to come up from time to time, but during events like COVID-19, resources are going to be stretched in terms of both manpower and technology.
- Connect to the internet through a secure network. In all honesty, even on home computers it is a better idea to say that you are on a public network than not. Home networks often are not as secure as they should be. Ensure you have a good authentication system on your network and make sure your firewall and antivirus software are up to date.
- Do not share confidential information with anyone unless you know exactly who they are and they have identified themselves to your satisfaction. This applies over the phone, over email, on websites, and anywhere else.
- Do not click on links to websites in email, instead type the URL in by hand and look for the information posted. Also, make sure the site you visit has HTTPS in the URL before supplying confidential information as these sites have more security.
- Implement multi-factor authentication. The traditional way of logging in, usernames and passwords, are notorious for being easy to crack by bad actors. If possible, set up multi-factor authentication to add an extra layer of security to the process.
- Never share passwords with anyone. Never share any login information with anyone, for that matter. This may seem obvious, but when someone calls you on the phone pretending to be from IT, it can be easy to forget and simply give that information away.
This list is by no means exhaustive, but it is a great start. Ultimately, you are the arbiter of what you need to be doing for security. Use common sense and, when in doubt, either consult someone with more information than you have or take no action until your doubt has been cleared.