With the novel Coronavirus pandemic, many people are working from home and often with fewer security defenses on their home network that they would have in the office. For example, many people are using a wireless network that is not protected or network without any firewall at home. Some employees are also using home computers for company business that do not have the latest antivirus or the most recent security updates (for both the operating system and software applications).
With people under a lot of stress and distraction in the current pandemic, computer security or protecting the company data is the last thing on their mind. As a result, it creates conditions ripe for cyberattacks of all sorts. The pressing threat has created an environment for scammers, hackers, and spammers. Major IT news outlets are reporting an uptick in ransomware attacks that are disrupting businesses all over the world.
eSudo would like to share ways and information to help protect you and your company from cyberattack:
1. Computer Updates – Keep your computer’s software updated with the latest security. For example, run Windows Updates, MacOS updates and install the most current software version of your company VPN client and the latest updated Chrome web browser.
2. Anti-Virus – Have anti-virus and anti-malware installed and running on your computer with recommended daily updates and scans.
3. Unfamiliar Emails – Do not click on email links or open attachments from anyone you do not know.
4. Multi-Factor Authentication – Use multi-factor authentication or two-step verification for your email or online accounts. This security feature verifies “is it you” trying to access my account? For example, set up two-step authentication for your Office 365 or Google Apps when you logon to access email or on-line storage such as OneDrive or G-drive. Two-step authentication is what your online banking systems use – you must enter a username, password, and one-time code or text message code to complete the logon process.
- a. For Office 365, here is the step-by-step Setup Instruction Guide for 2-step verification:
https://support.office.com/en-us/article/set-up-2-step-verification-for-office-365-ace1d096-61e5-449b-a875-58eb3d74de14 - b. For Google Apps or G-suite, here is the step-by-step Setup Instruction Guide for 2-Step verification:
https://support.google.com/a/answer/9176657?hl=en
5. Use Password Manager to create strong password – We have so many passwords to remember for various accounts and it is recommended you a password manager to create strong password and unique passrod for each account. For example, we have setup Lass Pass and RoboForm for many of our customers, but there are many more out there. Using your browser manger manager is okay but aren’t as powerful and useful as third-party password managers.
6. Phishing Emails and Phone Scams – Train your employees on how to detect potential phishing emails and phone scams. 95% of breaches are caused by
human error.
7. Cyber-Security Insurance – get cyber-security insurance coverage for your business and protect against cyber-attack and ransomware.
8. Be Careful When Using Public WiFi for Conducting your Business –. Using public WiFi or hotspots can be very risky activity because you do not control the WiFi device or the firewall you are going through.
You should consider the following safeguards when using Public WiFi…..
Use VPN, SSL Connection and Turn Off Sharing on your computer if you must use public WiFi.
-
- a. Use the Company’s latest VPN client version from SonicWALL SSL VPN or Global VPN, Fortinet and Cisco VPN client to connect to your office.
- b. When using a web browser, confirm you are using the security protocol SSL connection. For example, in a Chrome web browser, it will have an SSL lock pad icon on display in the URL bar (see snapshot listed below). When you go https://support.google.com/a/answer/9176657?hl=en
[img src=”/wp-content/uploads/2020/03/Picture1.png” class=”aligncenter”]
9. Corporate Software Applications – Keep corporate-wide applications or software versions up-to-date or use only the vendor support release. For example, do not use an old version of Microsoft Office or QuickBooks that are no longer supported by the software company. They will not have the latest security updates/patches available anymore.
You can download a free network audio report to learn about how to protect your business at the following link:
http://esudo.com/free-stuff/avoid-five-computer-disasters/
10. Online Web Meeting Tools – many people are using online web conference to host video conferences or chat or text messaging. It’s important to be aware of the ways these tools may impact your digital privacy and security. Free products from Zoom, Skype, Hangouts and Slack may collect and store your information and retains messages. Read the vendor privacy rules to understand how they track users and what is stored. You should consider using your company web meeting tools so you can control your own privacy. For example, if you have Offiice 365 or Google apps or 3CX Phone System, use Microsoft Teams, G-Suite Hangouts or 3CX Web Meeting tools.
If you like to learn how we can help to work remotely and stay safe, including a cyber-security package that includes insurance for ransomware and employee security training, contact us at http://esudo.com/about-us/contact-us/.