3 Biggest Cybersecurity Concerns Now & How to Handle Them

With the lockdown gradually easing, businesses are finding ways to enable employees to work both at home and in the office. However, this emerging work-from-home + office paradigm has its own set of security concerns business owners need to watch for. With workers juggling work-from-home and in-office work, businesses today have to answer 3 key questions:

1. How do you control equipment and assets outside the office?
2. How can you ensure credentials and confidential information stays safe?
3. How do you protect against crippling ransomware attacks?

With staff and resources operating on-site and remotely, security challenges are harder to monitor, and attack surfaces have increased in size. As the country opens back up and we transition from a pure work-from-home environment, it’s important to have a clear cybersecurity plan to address these emerging concerns.

1.     Securing Equipment in the Office and at Home

When the pandemic hit, one of our clients had no choice but to send sensitive office equipment home with employees for over 3 months to maintain service continuity. Because humans tend to be the weakest link in cybersecurity, these are the concerns that kept our client up at night.

What could go wrong?

Home networks are inherently less secure than on-site networks. Running office machines in a work-from-home environment greatly increases the possibility of data getting stolen. Trust is another factor. Workstations and high-end office laptops are valuable assets. The hardware itself could get damaged or stolen, or employees might simply decide not to return it.

What you can do

Equipment is vital to many processes. If you want your employees to work from their homes, you will need to send it with them. There are ways, however, to mitigate the risk: 

• Limit the amount of equipment that’s taken off-premise and the duration it’s taken for. The more time equipment spends on-premise, the safer it is.
• When employees do take equipment home, regularly check-in with them. Then you can take remedial action right away if equipment is damaged, lost or stolen.

Compass Computing Group can help, too. We install and manage Hexnode mobile device management (MDM) software on equipment that goes off-premise. This helps you track equipment status and completely disable hardware if it’s lost or stolen. Some MDMs reside at the bootloader level, making the system and its data useless to someone without the right credentials.  

2.     Making Sure Credentials and Information Stay Safe

Whenever a worker takes equipment home with them, it’s not just the hardware that’s at risk. When equipment goes off-premise, confidential information, documents and credentials need to be secured too. 

What could go wrong?

Any teenager out there with a bit of coding knowledge can hack into a Windows laptop. If you’re in an industry like healthcare or finance, this raises the possibility of vital data getting stolen. At the very least, your credentials and customer information could be sold on the Dark Web. The worst-case situation? A cybercriminal could use sensitive credentials to impersonate you, shut down your business, or damage supply chains.

What you can do

Beef up your software security! If your laptop gets stolen, all it takes is swapping your hard drive into a different device to access all your data. At a bare minimum, purchase antivirus software (you can get it for $20-$30 per year). Keep in mind, free options are free for a reason. An individually purchased antivirus software won’t be as robust as a trusted managed service provider would offer, but it is better than nothing.

3.     How to Protect against ransomware

Cybercriminals don’t need physical access to hardware to take your data hostage. Ransomware attacks can originate from anywhere and happen at any time. Because social engineering is a critical part of many ransomware attacks, the human factor is often the weakest link in your security.

What could go wrong?

To bolster your ransomware readiness, we’ve adopted Webroot SecureAnywhere DNS Protection and SentinelOne ransomware protection. By filtering out malicious URLs, Webroot ensures that your workers won’t accidentally visit malicious sites.

Let’s take a look at a possible scenario: One of your workers leaves their laptop unattended at home. Their 10-year-old fires up a browser and tries to download “free games” and inadvertently infects the system with ransomware. Thousands of dollars’ worth of work, not to mention your clients’ trust, is now being held hostage.

What you can do

If even a single device is infected with ransomware, it can put your entire on-premise network at risk when it’s brought back. You need to implement a strict IT policy and put those devices in a decontamination chamber before allowing them to connect to your on-premise network. When devices are returned, connect them to a guest network first and run multiple scans and security checks.

We know how to protect against ransomware. We leverage Sentinel One’s advanced static and behavior AI routines to comprehensively tackle ransomware. Our SentinelOne solution even comes with a $1 million ransomware warranty to ensure peace of mind. 

Stay Cybersecure to Survive the Transition

With the pandemic still in full swing, work-from-home appears to be here to stay, at least for the next several months. Business owners have a whole new set of challenges to face. This doesn’t mean that you can or should neglect security. We handle all things IT. Reach out to us today. Call 503-691-5706 or email us to schedule a meeting. Let us take IT off your plate.