Companies Can Take Steps to Protect Their Operations from Cyber Criminals in the New Business Landscape
SALEM, MA, April 02, 2020 /24-7PressRelease/ — With the sudden shift to work-from-home operations, businesses are now forced to deal with increased activity from both independent and nation-state cyber criminals. But, according to Andy Sauer, Director of Cybersecurity at Steel Root, there are steps every company can and should take to safeguard their systems and data.
“Unfortunately, malicious actors will exploit any opportunity to access and steal your data, including a global health crisis that drives your workforce out of the office.” Sauer said. “With entire companies teleworking from home, the risk of a compromise is heightened; in response, companies need to be more vigilant and implement new processes and procedures to ensure that cybercriminals are not successful during this time of increased risk.”
Why the increased threat? There are a number of reasons why the sudden move to a remote workforce can lead to cybersecurity breaches. These include:
– Behavioral changes: Working off site, employees tend to be more relaxed and more likely to let their guard down – perhaps even answering emails designed to provide data access to hackers. Also, with stress levels increased, staff might be more inclined to be reactive and less strategic in their actions. Malicious actors typically apply high pressure and quick turnaround.
– Situational changes: Working in disparate locations, security instructions and access rules can fall through the cracks. This can result in less stringent oversight of transactions and other key workflows.
– Technological changes: Suddenly companies are forced to extend their firewalls beyond the physical boundaries of their office. Company systems are being accessed from a wide range of devices, even personal devices. These changes can lead to compromise, data sprawl and other challenges.
What businesses can do. There are procedures companies can adopt to shore up their cybersecurity to prevent potential attacks and data breaches. Sauer suggests implementing the following 9-step plan:
1. Organize your response to this crisis in advance of a problem. Get communication, incident response and business continuity plans in place, and share with all personnel.
2. Adapt and set organizational expectations and rules of engagement for communications.
3. Make sure you have a Disaster Recovery plan, with Backup and Restore of all systems.
4. Establish approvals for key workflows, such as transactions or security permissions – and ensure that you have a process for verifying these critical activities (ex. wiring money).
5. Prioritize the use of multifactor authentication or other conditional rules for accessing company systems remotely.
6. Make sure your employees are only using approved company devices to access company data – set strict guidelines for the use of personal devices.
7. Check to see that you are appropriately licensed – some VPN solutions will not allow users over the maximum license count.
8. Business must go on. Workflows must continue. Make sure you have the tools and infrastructure in place to support normal working conditions remotely.
9. Enlist the assistance of your IT/security team/outsourced providers to support your business through this temporary but substantial change.
ABOUT STEEL ROOT
Steel Root is the first IT services company in the Boston area to focus exclusively on cybersecurity and compliance. Steel Root is a leader in the government contracts market, helping federal and defense contractors meet cybersecurity and compliance requirements under CMMC, FAR, DFARS, and ITAR. The company has posted triple-digit growth every year since its inception in 2015 and is 100% self-funded. Visit our website at https://steelroot.us/.
For the original version of this press release, please visit 24-7PressRelease.com here