Among all of the changes that occurred in 2020, one of the most challenging from a cyber security perspective was ensuring businesses properly equipped a remote workforce to protect their employees and IT systems. While many employees have returned to the office, many still continue to work virtually. Here are 5 Cyber Security Lessons Learned in 2020 That Your Businesses Should Implement in 2021.
1. Supply the right tools for remote working from home
If possible, any business with work from home employees should provide company-issued laptops with the latest security and software in place. Installing the XSurf Log
extension to all employee laptops is an inexpensive way to manage employee web browsing risk and report suspicious websites immediately.
2. Enhance cybersecurity
One of the easiest and most important things businesses with remote employees can do is require multi-factor authentication for user logins. Also, optimizing home router security, leveraging advanced threat detection and advanced threat prevention, as well as having top firewall and anti-virus software installed on all devices.
If you’re not sure where to start with all of this, contact us for our Work From Home Audit
serives. Our Audit report includes an explanation of each Cyber Risk and the actions to take to reduce the Risk.
3. Establish information policies & procedures
A best practice that many companies overlook is to have an information policies and procedure
in place that is ISMS compliant. This helps to reduce company liability, decrease employee privacy expectations and protect important company data.
They are even more important for employees working outside of the office. Remote users are at greater risk of cyberattacks and require usage guidelines that can help protect the employee and the business from security breaches.
4. Don’t take the bait
While the term phishing may be a well-known household term now, it is still a popular and effective way for attackers to infiltrate your system. Cyber attackers steal sensitive information, usually through emails containing a link to what appears to be a legitimate website. Making Phishing a top threat because the emails can be easily mistaken for legitimate communication from a large company.
So, to combat phishing, employees should know how official communications will be sent, treat unknown e-mails and links as suspicious, and have an easy way to alert their IT security team. A great solution is to require all employees to download the XSurf Log
web browser (Chrome or Firefox) extension. It is the only product that can detect and block phishing login pages.
5. Employee training to recognize cyber threats
The 2020 State of Cybersecurity Study from ISACA
found that employees can be almost as dangerous to a business’s security as cybercriminals even though they didn’t mean to be. Unfortunately, employees can be directly responsible for becoming a victim of ransomware, spear-phishing attempts and data breaches.
It is more important than ever to ensure your employees are consistently kept up to date with cyber security training
so they can recognize potential cyber security threats.
For example, there should be strict internal policies
in place to prevent an employee from unwittingly transferring a cybercriminal money in a successful spear-phishing attempt.
If you have any questions about the 5 Lessons your business should implement for 2021, or you’re just not sure where to start with your business’s cyber security, give us a call! We’re Australia’s top business cyber experts. You can help get you started in the right direction.