July 13, 2021 •
If you listen closely, you’ll hear the sound of millions of workers returning to the office after a long hiatus working from home. Whether that means on a full-time or part-time/hybrid basis varies, but one thing’s for sure: each enterprise will have to consider cybersecurity as greatly as employee health with any return to office life.
While workplaces are safer due to a centralized system of company devices closely monitored by security teams, 69% of IT experts worry that a hybrid workplace will bring greater concern of ransomware attacks, according to a study by Tessian. IT teams need to prepare employees both in and out of the office for ransomware attacks like Avaddon, which has been brutally successful at coaxing employees to click on an email phishing link that promises to show them a photo they’re tagged in.
Fortunately, there are ways to prepare for a safe return to the office. So before you dust off the office desktop computers and dig out the rotten leftovers from the fridge, here are some cybersecurity best practices to keep in mind.
A year and a half is an eternity in terms of tech. Employees will undoubtedly have new personal and/or company phones, laptops, printers, webcams, wireless keyboards etc. It can also take an eternity for new software to be downloaded, and communication tools like Zoom and Slack installed. Be sure to make time for all of these services and devices to be properly onboarded and logged by your security team.
All those new devices also need to be scanned for viruses, patched and updated to new operating systems before being onboarded to the network. So set up a station upon entering the office for your IT team to scan devices before they come inside. Or better yet, organize rolling dates for staff to bring in their devices before a full return to the office so as not to overwhelm the IT department.
Routine security trainings can be as boring as those videos rolled in by the substitute teacher in high school. If cybersecurity training isn’t engaging, employees will see it as tedious punishment and probably not pay it much mind. That can be a huge problem at the office when all devices are connected. Aim to build a culture where everyone is working together to prevent cyberattacks by making your security training as specific and up-to-date as possible. One way to do this is to schedule time for your IT team to give a brief 1-on-1 overview of best practices when devices are brought in for their scan.
As prevalent as cyberattacks are these days, the way cybercriminals pierce a network hasn’t changed: human error. Nine out of ten data breach incidents are caused by employee mistakes, according to Tessian. So in addition to general cybersecurity training, have employees create new secure passwords when they return to the office. Also, remind them not to store their passwords on a piece of paper in their desks and to avoid sending them via email or message.
When the pandemic hit it was a mad scramble to start working from home. Now that we’re returning, the approach to strengthening cybersecurity can be a little more measured. Take this opportunity to reassess your cybersecurity strategies to ensure everything your company runs on — VPNs, firewalls, operating systems and accounts — is protected by 2-Factor Authentication. LoginTC is your one-stop-shop for all your 2FA needs, from push notifications to SMS, to hardware tokens.
Get started with a 15-day free-trial now.