7 tips for increasing cyber security during the COVID-19 outbreak

While more companies around the world require or highly recommend that their employees work remotely to prevent the further spread of the corona- virus, hackers who thrive off fear see this as perfect timing to carry out a cyber-attack.

In this period of fear and uncertainty, it’s more critical than ever to practice good security hygiene.

Flextribe webinar series part 2: Cybersecurity

One of the key measures to reduce the spread of Coronavirus COVID-19 is social distancing, which for many organizations means remote working.

As the outbreak has intensified the total volume of phishing emails, fake landing pages, malicious attachment and other security threats relating to the Covid-19 coronavirus now represents the largest cyberattack around a single theme that has ever been seen.

Here are the actions you should take immediately to ensure your workforce to work remotely and securely.

01

Educate and train employees on how to detect and handle phishing attacks and other forms of social engineering involving remote devices and remote access to company information systems. 

02

Do not allow the sharing of work computers and other devices. When employees bring work devices home, those devices should not be shared with or used by anyone else in the home. This reduces the risk of unauthorized access to protected company information.

03

Virtual Private Networks (VPNs) ensure that internet traffic is encrypted, especially if connected to a public Wi-Fi network. If your company has one in place, make sure employees exclusively use the VPN when working and when accessing company information systems remotely. 

04

Remind employees that company information should never be downloaded or saved to employees’ personal devices or cloud services, including employee computers, thumb drives, or cloud services such as their personal Google Drive or Dropbox accounts.

05

Require security software on employee devices and ensure that all versions are up to date with all necessary patches.

06

“Remember password” functions should always be turned off when employees are logging into company information systems and applications from their personal devices.

07

Keep IT resources healthy and well-staffed. When more employees than normal are working remotely, or remote work is new to an organization, IT resources may be strained and required IT assistance may increase.

Flextribe has assembled a Corona taskforce to address your company’ need for flexible and specialized skills at this very difficult time. 


Get in touch with Head of Sales, Ann-Lee Teilmann. E-mail: ann-lee@flextribe.dk and let us help you take immediate action.

We are here to help you

But moving at short notice from a trusted office environment with networks that are closely monitored and secured to working remotely connecting to an often unsecured home WI-FI network, has already created massive security risks for employers and employees around the world. 

Policy

Review your current information security and other similar policies to determine if there are any established security guidelines for remote work and remote access to company information systems. If no relevant plans or policies are in place, this is a good time to establish at least some basic guidelines to address remote access to company information systems and use by employees of personal devices for company business. 

Communication

Managers should be familiar with applicable security guidelines, plans, and policies, and ensure that relevant information is flowed-down to their teams and throughout the organization. It is essential that the organization is aligned from top to bottom. Remember, many employees do not work in security day-to-day, and some may have never worked remotely before. Providing guidance to all employees is critical.

Preparation

Companies should review data breach and incident response plans to ensure that organizations are prepared for responding to a data breach or security incident. Update the plans if necessary for contact information for the (now) remote incident response team and outside advisors. The increased security risk of remote work reinforces the need to have a plan in place if something goes wrong.