October is National Cyber Security Awareness Month (NCSAM). More than half of employees still working from home – a situation that will likely continue well into 2021. Therefore, it’s critical for businesses to realize that individual data security and organizational data security are more intertwined than ever. The necessity for comprehensive cybersecurity measures across devices and locations has never been more important. Fittingly, this week’s NCSAM theme is “If You Connect It, Protect It.”
Securing the Employee’s Home Network
As you work to support your remote workforce, you need to provide them with ongoing training and updates about existing threats. However, you also need to ensure (and provide the tools and resources necessary to do so) that their home networks are secure. In other words, individual data security and organizational data security must both be prioritized for better protection.
National Cyber Security Alliance (NCSA) Minimum Requirements
Secure Wi-Fi Network. A home’s wireless router is the primary entrance for cybercriminals to access all connected devices. Encourage employees to change the factory-set default passwords and usernames.
MFA. Require multi-factor authentication (MFA) for every access point the employees have to your company network. Encourage employees to also enable MFA for email, banking, social media, and other personal accounts.
Protect everything. Whether it’s a computer, smartphone, game device, or other network device, the best defense is in making sure that you have the latest security software updates, web browser, and operating systems. Encourage employees to enable automatic updates to defend against the latest risks.
App security. Most connected appliances, toys, and devices are supported by mobile applications. Using default permissions, these apps can gather personal information, putting your employee’s identity and privacy at risk. Instruct employees to set app permissions to the “rule of least privilege.” Say “no” to privilege requests that don’t make sense. Only download apps from trusted vendors and sources.
Never click and tell. Limit the information that gets posted on social media – from personal addresses to favorite coffee shops. These seemingly random details are all that criminals need to know to target your employees.
Additional Precautions when Working in Public or when Traveling
Coffee shops and restaurants around the country have reopened. Your employees may be working or spending time in these public venues while conducting business. Therefore, whether at home, at work, or on the road, cybersecurity should be top of mind. One of the biggest risks to your business network is public WiFi.
Encourage employees to:
Stop auto connecting. Some devices will automatically seek out and connect to available wireless networks or Bluetooth devices. This instant connection opens the door for cyber criminals to remotely access your devices. Disable these features so that you actively choose where and when to connect to a safe network.
Avoid public hotspots and free WiFi. Before you connect to any public wireless hotspot – such as at an airport, a hotel, or a café – be sure to confirm the name of the network and the exact login procedures. Should you choose to use an unsecured public access point, practice good internet hygiene by avoiding sensitive activities (e.g., banking) that require passwords or credit cards. Enhance your security by connecting through a VPN.
Data Breaches Are on the Rise
According to the Cybersecurity & Infrastructure Security Agency (CISA), in 2019, the US business sector had a 17% increase in data breaches. In many instances, cybercriminals rely on human error – employees who fail to install software patches or who click on malicious links – to gain access to systems. From the top leadership to the newest employee, cybersecurity requires the vigilance of everyone to keep data, customers, and capital safe and secure.
thinkCSC is proud to participate in the annual National Cyber Security Awareness Month. Throughout the month, we will share the information that helps us all – as individuals and as organizations – be more cybersecure. We offer a comprehensive suite of security services to help you combat hackers. It’s up to all of us to do more to thwart cyber attacks.
When you put thinkCSC on the frontlines, you can count on us to minimize the impact of global threats with continual monitoring and threat detection. Some of the services we offer to strengthen your infrastructure include vulnerability scanning, internal and external penetration testing, web app penetration testing, security assessments, policy development, and security awareness training. Contact us to learn more.