Global pandemics and organisational disruption are calling on Australian businesses to be reactive and to enact crisis management strategies. With the mass movement of thousands of Australian workers and students into dynamic working-from-home settings, it’s not just business continuity processes we are planning, but it’s also life continuity.
With schools closing and childcare centres unable to service the community, we find more Australian workers at home trying to manage jobs and families simultaneously. This environment increases major threats and breeds cyber-security risks. Many newly remote workers are finding themselves not only equipping and securing their home environment for work, but for the whole family. Children home from school for an extended period will spend more time on parents connected work devices for learning and entertainment.
With this in mind, we thought we’d help IT management to communicate with their staff on how to build cyber-resiliency. Feel free to copy/paste our work:
Dear Staff,
With our new remote working scenario, we’d like to make sure our environment is less open to cyber-attacks. A world health crisis does not stop cybercriminals – it simply gives them additional vectors of attack because of our expanded IT network across remote workers.
It is unlikely your home network has the same security settings in place that we do have here at work, or at your children’s school. To help mitigate our risk of a company cyber-attack, we’d ask that you embark on these key items below:
Home Cybersecurity Audit
Have a quick think about what devices you use for work purposes and what their passwords are. Take some time to change all default passwords and secure them with a two-factor or multi-factor authentication system provided by the company.
Home Cybersecurity Updates
Run updates on the latest security patches on any of your operating systems and browsers, including ones you use for work purposes. These could include the iPhone you use for expenses, the work laptop for O365 access, the tablet you use to check work emails and the home desktop you use to access the company cloud drive.
Make sure home network equipment, such as routers, have updated passwords and are not using factory defaults or the ones typed on the back of your wi-fi modem.
Use Company Cybersecurity Tools
Take time to install or update anti-malware software. There are many options and if you aren’t sure which one, please check with our IT team to implement the best solution for you. If you have children at home using devices, it may be best to set up parental controls and lock down your wi-fi to keep everyone safe while on the Internet.
Attack Cybercrime from Home
It’s likely that cybercriminals are using this time to social engineer you and your family. As more people work from home and share devices for business and personal reasons between families, it’s wise to take these steps:
- Comprehensively read privacy and security settings when subscribing to a new service. Look at who they share data with and send to IT if you are unsure;
- Look at the permissions the new mobile app asks for. Check if it is reasonable and what the permissions integrate with or other sources of data it includes;
- Lock down your login and implement the company authentication methods.
- Be aware that phishing attempts such as fake emails coming from Management, or poorly worded messages requesting suspicious actions from someone pretending to be an employee.
Lastly, while working from home you will want to educate the whole family on crisis-related attack attempts and what to be aware of. To better understand what to look for keep an eye on Australia’s cybercrime register at https://www.cyber.gov.au/threats
For New Customers to RSA SecurID® Access: Free MFA Offering
From cyberattacks to natural disasters to outbreaks of illness, business disruptions come in all forms. It’s why RSA and Loop are offering new customers the ability to securely extend the convenience of working remotely to their employees. For a limited time, you can get mobile multi-factor authentication (MFA) from RSA SecurID Access for free. You can now leverage push notification, biometric tech and one-time password authenticators to secure access to your cloud applications, on-premises systems, legacy systems, privileged accounts and more at no cost for 6 months.
RSA and Loop are in the business of offering peace of mind with its security solutions to help businesses move forward in times of business disruption. Register your details here:
