With millions of people now working from home, cybersecurity has never been more important.
That’s according to Henry Overton, president and co-founder of Turn Key Solutions, a local IT services company that’s been slammed since mid-March with requests from employers wanting to securely transfer their company’s confidential information remotely. As a result, Turn Key Solutions has extended its support hours, making more frequent calls to customers, messaging them via Facebook and offering regular webinars in an effort to accommodate a 25% uptick in service tickets.
“If there’s ever a time that we feel like security and training should be increased, it’s in a time of chaos and change like this,” Overton says. “Doing the basics really well will go a long way toward helping businesses not fall prey to cyber criminals.”
Fortunately, none of Overton’s clients has been hacked yet. But it’s certainly happening elsewhere. The FBI recently issued a warning about using the Zoom teleconferencing app, since a new form of harassment called “Zoombombing”—in which intruders hijack video calls and post hate speech and offensive images—is on the rise across the U.S.
First and foremost, Overton says, companies must realize that nothing is hack-proof, but there are some effective preventive measures.
To protect your company’s confidential information, Overton recommends the following tips:
• Make sure the platform has multifactor authentication. Use a system where you’re granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism—whether it’s something only you know (like a password), something only you possess (like a code sent over SMS), or something only you are (like a user number generated by the app).
• Only use tools with end-to-end encryption. Typical server-based communications systems like Zoom don’t include this feature, in which only the communicating users (i.e., company employees and managers) can read messages. Discuss potential options with your IT provider.
• Maintain a robust logging system. Send security logs to a centralized log management system for archival, then restrict log access to a select group of people to keep a true copy of your logs in one location that hackers can’t reach. Have your cybersecurity teams monitor the log data regularly so they can respond quickly to potential attacks.
• Install commercial-grade firewalls. Turn Key Solutions has installed commercial-grade firewalls on every technician’s home computers, which Overton recommends companies do with their employees working from home. He says it’s more difficult to hack than a residential-grade firewall.
• Prioritize cybersecurity awareness training among employees. “People are the last line of defense,” says Overton, noting an increase in well-crafted phishing attacks. “If your staff is well-trained, then you’ve got a much better shot at solving the problem.”