Reports from the cyber security industry worldwide indicate a massive rise in cyber crime incidents since the COVID-19 pandemic was announced and lockdown began. In some countries the monthly spike was as much as 400%. This was due to cyber criminals making opportunistic attacks on businesses that had to shift unexpectedly to online platforms without comprehensive security strategies in place.
South Africa experienced the biggest rise in hacker attacks in mid-March, when businesses were moving their workforce to home locations so they could continue working while social distancing.
Cyber criminals have been getting richer in the past few years as more companies fork out big sums for ransomware. They make it their business to target those who haven’t kept up with advancing technology. And the best time for hackers to strike is while businesses are sorting their security strategies out.
Now that lockdown has forced many businesses into remote working, IT leaders believe it’s likely to become the new normal for a substantial part of the workforce. The world is busy proving that cloud technology has advanced to a stage that can make remote work highly efficient.
Joint CEO of IronTree, David Lees says, “Remote working isn’t a temporary thing – it’s been gaining momentum in recent years and it’s here to stay.” Even in 2019, research by Buffer indicated that 99% of respondents said they would prefer to work remotely, at least for some of the time, for the rest of their careers.
Business magazine Forbes recently reported on the three major risks of remote working: home wifi security, phishing scams and insecure passwords. All three of these risks fall in the lap of the user and are outside of what current cyber technology can do to protect your personal and work-related data. These risks can be reduced by virtual training in cyber security for team members.
Let’s look at each risk in more detail:
1. Home wifi security
It’s virtually impossible to control each member of your team’s home environment in terms of firewalling or using a VPN and wireless network encryption. Newer technology in the form of cloud-hosted IT environments such as the virtual private server (VPS) is more effective. With a VPS, your team members only use their devices to connect to the apps they use which, along with the data they produce, are securely stored in the cloud.
2. Phishing scams
A VPS isn’t going to prevent your team from falling for phishing emails. Nothing except a discerning work ethic is going to stop users from thinking before they click. Phishing scams have soared during lockdown under the guise of advice or warnings around the pandemic. The only way to prevent users from falling victim to phishing is by educating them in cyber practices, and nurturing discernment around security.
3. Insecure passwords
Your team members are responsible for their own passwords, and if just one user’s password is weak and guessable, it can compromise the safety of all users, and your system. With a password strategy in place you can enforce rich passwords by setting the parameters to include uppercase, lowercase, symbols and numbers into them. You can also make two-factor authentication mandatory to render dictionary attacks ineffective.
Cloud-hosted solutions undoubtedly improves remote setups
Most businesses weren’t prepared for the massive rollout of their entire workforce working from home, and consequently security wasn’t geared up for it. In some cases, workers landed up using their own devices that weren’t equipped with the tools to monitor malicious activity, such as malware and unauthorised logins.
Cyber security experts recommend that businesses improve the accessibility and security of their systems and data by moving their work applications to a cloud-hosted environment. In this scenario, business data remains on cloud-hosted servers no matter where staff are working from, and no matter if anything happens to their devices.
We are taking all necessary precautions around the COVID-19 situation. Our offices are closed and our team members have each been set up to work remotely in self-isolation at home. As far as possible IronTree will maintain business as usual. All our resources such as server platforms, transactional capacity, telephony and electronic communications, including video meeting facilities, have been configured in the cloud and are 100% operational. Please feel free to contact us if you require our assistance. Stay safe!