<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=245060656550976&amp;ev=PageView&amp;noscript=1">

Cybersecurity: What We've Learned About Working Remotely 6 Months Into a Pandemic

by Roseann Freitas | Oct 7, 2020 5:43:16 PM

Shifting to remote workers and Cybersecurity

When COVID-19 first impacted the nation in March of this year, businesses scrambled to keep operations going during a lockdown. Many companies chose to move their workforces home. Staff meetings became online Zoom events as more business operations went virtual.

Usually, when a significant shift in work production happens, businesses have time to plan. The pandemic left people adapting almost overnight.

What we have learned about remote workers six months into the pandemic

Earlier last spring, Jeremy Larrison, information systems manager for BBB Northwest + Pacific, gave us guidelines for setting up a remote work site. With six months of remote working to look back on, he offered some updated advice.

Larrison notes that easily accessible and understandable training materials are essential. Documenting your organization’s processes provides employees time to learn the system and verifies that they understand each step along the way.  

"Training employees is key. Help them help themselves."

The critical ingredient for remote workers and Cybersecurity lies with the employees

A company can invest in services and software to protect their data, but employees ultimately determine their success.

Educating staff on how to spot a fake email or dispose of an unknown file is critical. Hackers are looking for a door into a company's system, and an employee's email account is a common entryway to valuable data.

Training should include information about business email compromise – where staff members receive an email from a person in leadership asking to transfer money or pay a bill or a person's email is hacked and redirected to an unauthorized party. If an emailed request isn't part of the organization’s usual processes, pick up the phone to verify.

What to do if your company doesn't have a dedicated IT department

If a company doesn't have a dedicated IT person, they should look for a trustworthy consulting company  to provide those services. A great place to start that search is at bbb.org.

In the meantime, Larrison recommends utilizing readily available, and often affordable resources that can help curb cyberattack attempts.   

“Use the tools that the big companies provide for small businesses that don't have a dedicated IT person,” says Larrison. “IE: Office 365 subscription or Google Gmail. They know what to look for with security risks, and they start at free. Having any protection is better than none."

Part of staying secure is updating all software programs. Larrison uses device management through Microsoft called Intune to protect his BBB team. He also notes that Endpoint/Antivirus works, too, and that Internet Service Providers usually provide free or very cheap subscriptions.  

None of us may have expected to be still working from home in October, but for many business owners and their employees, it’s a reality that is likely to extend well into next year. Understanding how to keep your company's data protected is especially essential to establishing trust with consumers right now. And it starts with a cybersecurity training program for the entire company.  

Subscribe Now

Additional Reading