As many companies adopt work-from-home policies in response to the COVID-19 pandemic, cybersecurity is a growing issue.
In this critical time, business leaders have a heightened responsibility to set clear expectations about how their organizations are managing security risk in the new work environments, leveraging new policies and technologies and empowering their employees.
Additionally, individual employees have critical roles in securing their organization and in ensuring that cyberattacks don’t further compound the already-disrupted work environment.
Here are Palo Alto Networks’ recommendations for business leaders and individuals:
How Businesses Can Respond
Understand the threats to your organization. Business leaders should work with their security teams to identify likely attack vectors and prioritize the protection of their most sensitive information and business-critical applications.
Provide clear guidance and encourage communication. They must ensure that home-working policies are clear and include easy-to-follow steps that empower employees to make their home-working environment secure.
Provide the right security capabilities. Leaders should ensure all corporately-owned or -managed devices are equipped with essential security capabilities, extending the same network security best practices that exist within the enterprise to all remote environments.
How Individuals Can Respond
Users must be empowered to follow the guidance provided to them by organizations and take preventative measures.
Maintain good password hygiene. Employees should use complex passwords and multifactor authentication where possible and change these passwords frequently.
Update systems and software. Individuals should install updates and patches in a timely manner, including on mobile devices and any other non-corporate devices they might use for work.
Secure your WiFi access point. Individuals should change their default settings and passwords in order to reduce the potential impact on their work of an attack via other connected devices.
Use a VPN. VPNs can help create a trusted connection between employees and their organizations and ensure ongoing access to corporate tools.
Be wary of COVID-19 scams. Threat actors love to exploit real-world tragedies, and COVID-19 is no different.
Don’t mix personal and work. Employees should use their work devices to do work and their personal devices for personal matters.