Coronavirus and Remote Work Heighten Cybersecurity Risks
As increasing numbers of employees work remotely in response to the novel coronavirus (COVID-19) outbreak, companies should be mindful of increased data security risks and take prompt, practical steps to mitigate them.
Increased Risks
The sudden and dramatic surge in the use of telework presents heightened cyber risks, including:
- An increased incidence of phishing attacks using coronavirus references as bait to induce employees to click on email links or attachments infected with malware.
- Enhanced risk of cyberattacks on company networks due to reduced IT staffing and/or need to focus on supporting remote access at the expense of security.
- Business continuity risks arising from the potential lack of system and connectivity resources to handle surge in remote work, compounded by the heightened risk of cyberattacks that could disrupt operations.
Recommendations
These risks have prompted the federal government's Cybersecurity and Infrastructure Security Agency to urge companies to adopt a heightened state of cybersecurity. Companies should take the following steps to mitigate the increased risk:
- Issue Employee Communications
- Alert employees to expect increase in phishing attempts, especially coronavirus-related emails.
- Prompt employees to use strong passwords, especially if multifactor authentication is not implemented for remote network access.
- Remind employees of company's information security policies governing remote work and use of personal devices or, if no formal policy exists, issue guidelines promptly, instructing employees:
- Not to download company information onto personal devices or email accounts or unauthorized cloud or other third-party services;
- Not to use public or insecure home networks, at least without a virtual private network ("VPN") connection;
- To protect against unauthorized third parties accessing any company data; and
- To protect the physical security of the company's devices.
- Prioritize Information Security
- Update security configurations and access controls and patch VPNs and other network infrastructure.
- Dedicate resources for targeted monitoring and detection of cyberattacks (including review of logs that might reveal anomalous activity from outside connections).
- Incident Response Plan
- Update contact information for incident response team, establish secure communications channels, and confirm incident reporting protocols for employees working remotely.