A leading cyber security research organisation has recently released the results of a survey conducted by them to study the security risks involved in remote working. Two key takeaways that every organisation should note down are:
- 1 in 6 organizations has suffered a cybersecurity incident directly related to remote working.
- 1 in 3 organizations does not provide cybersecurity awareness training to remote employees.
The above pointers are self-explanatory and tell a lot about why cyber attacks have been on the rise since Covid-19. In its article, Global News Wire mentioned that “remote workers are also highly targeted by cybercriminals, resulting in a 238% rise in cyberattacks.” This is concerning.
How to stop cyber-attacks during remote working?
One definite way is by increasing awareness among employees about different ways cyber criminals can target them. This is not limited to email phishing. The management needs to keep in mind that during remote working, the chances are high that most of the critical files and documents are accessed from other devices like a personal laptop or a mobile phone. In such cases, you cannot entirely rely on the anti-malware installed on the systems provided by the companies to the employees.
How to train remote employees to curb cyber-attacks?
- Multi-Factor Authentication
- With multi-factor authentication, you can ensure that no email is accessed without your employee double-checking the login attempt. This works the best when emails are accessed from personal devices as well. Every login attempt will send a security passcode to the device which will then have to be re-entered on the device where the login attempt is happening and if both the codes match only then will the individual get access to the email. This can also be used for CMS and other logins. MFA also uses fingerprint authentication which is one of the best security measures.
- Secure Your Virtual Meetings
- Your virtual meetings can easily give access to internal information if a criminal finds his way into it. This is common during all-hands meetings or where large groups are involved. In MNCs where employees from different countries connect with each other via a software for calls, people would not know each other even by their first names. In scenarios like these, the criminal might go unnoticed. So make sure the software you use offers end-to-end encryption. Other than that, keep your meetings private and don’t allow individuals to randomly join the meeting. To access the meeting, the host should allow them to. You can also opt for a passcode or a password for entry.
- Run Cyber Security Phishing Drills
- If you take the necessary measures but the employees are not aware about how, where, and when they can be attacked, the chances of your efforts going to vain are high. It’s advisable to run timely cyber security phishing drills to keep your employees informed and alert. To do so, you can invest in a product like ProPHISH that takes care of it.
With ProPhish, it’s much simpler to run these campaigns as it allows you to:
- Choose a pre-designed template or customize the template as per your requirement.
- Choose a target group for the campaign
- Launch the training module along with on spot assessment for the phished employees
You can then effectively track various phases of this campaign with the help of our dynamic dashboard and granular reports that help the administrator to understand the organization’s overall awareness level about cyber attacks and security. Going forward, these reports will also help you identify the segment of users that require more focus on security awareness hence letting you make better and informed decisions when it comes to planning for cyber security measures in the future.