Remote Cybersecurity FAQs for Better Business in 2020

Remote Cybersecurity FAQs Introduction

Hi, I’m Alex, and I spent more than 13 years working in cybersecurity at McAfee. Now I’m bringing that cybersecurity experience to small businesses as the CEO of PreCog Security. 

Remote cybersecurity is a growing concern as businesses worldwide are enabling their employees to work from home. Business owners and employees both have questions about remote cybersecurity. What must be done to securely work from home?

Small businesses have a lot of questions about the impact of remote work on cybersecurity. Here are my answers to some of the most frequently asked questions small business owners have about remote cybersecurity. 

What cybersecurity risks should small business owners be concerned about when their employees work remotely?

It is a common misconception that small businesses are not targeted by cybercriminals and hackers. In fact, Small businesses are heavily targeted: 43% of all attacks are directed towards SMB where average attack cost is equal to $133,000 according to SMB trends. Why is that? Cybercriminals look for ROI. They want to optimize their time and resources. They understand that small businesses lack security skills (up to 62%), but they do have critical data and are willing to pay ransom to cybercriminals in order to continue doing business.

With a remote workforce, ransomware attacks are growing and, according to VMWare Carbon Black, recently skyrocketed raising in March 2020 alone by 148% mostly because the remote workforce lacks discipline in following best practices, enforcing strong passwords, recognizing phishing emails, and not changing wifi protocols to WPA.

Three ways SMBs can protect themselves:

1. Internal Awareness: Security awareness training with an emphasis on email phishing can have a significant impact on improving remote cybersecurity. Did you know that 94% of malware is delivered via email? It’s essential that your remote employees are aware of this in order to protect the business from attacks.

2. External Audit: Cybersecurity firms that provide security risk assessments (penetration test, vulnerability assessment)  help by finding gaps in security and can fix vulnerabilities before the attack happens.

3. Culture of Security – Companies can make security a priority just like they do with customer service and marketing. Proactive cybersecurity with continuous security posture improvement is something that remote employees should rally behind.

How do we prevent phishing & ransomware attacks?

Working from home expands the perimeter of a company’s network. That increases the potential for phishing and ransomware attacks. There are three primary challenges (in addition to continuous cybersecurity best practices such as continuous software updates/patching, and maintaining anti-virus and firewall properly) in remote cybersecurity that small business owners can overcome to protect their business. These challenges are securing wi-fi access, managing password security, and recognizing phishing attacks. 

Securing wi-fi requires properly configuring the router. Someone from the IT department should be able to help remote employees find instructions for the various wi-fi routers. Password management requirements should be a part of your policy that governs remote employees. Lastly, remote employees can be trained to recognize phishing emails.

What do SMBs need to know about cybersecurity for their remote employees? What do small business owners with remote employees need to know about cybersecurity?

Cybersecurity is not a single product, certificate, or resource. Business owners that understand cybersecurity recognize it requires a culture of continuous best security practices. Minimizing the risk of an attack requires effective cybersecurity tools, training, and resources. Cybersecurity is analogous to our own health, where we have to continuously exercise, eat well, drink water, and reduce stress to improve our wellbeing.

Similarly, we can improve security posture through ongoing employee training, two-factor authentication, data backups, updating tools, and regular vulnerability assessments. In the beginning, it’s essential to take an inventory of all potentially vulnerable assets. The next step is properly securing all the devices and ensuring remote workers securely access servers. Additional security measures include adopting a VPN protocol, enforcing two-factor authentication, and providing ongoing security awareness training to employees with an emphasis on email phishing.  

How do we reduce our risk of an attack on a tight budget?

A Security Risk Assessment is a low-cost way to become aware of vulnerabilities, their risk, and ways to mitigate those.  Begin with asset discovery and inventory, where all computers, servers, and infrastructure that need protection are aggregated for review. A vulnerability assessment can help find current and future security issues in the system. And security awareness training, with an emphasis on email phishing, can help employees recognize dangerous emails and malicious links.

Which businesses are most at risk from vulnerabilities in remote cybersecurity?

Physicians, clinics, hospitals, outpatient, emergency, medical supply, and many other types of healthcare businesses represent a perfect target for cybercriminals. They are often understaffed. But, these businesses are vital to governments and the wellbeing of many people. The result means that healthcare businesses are more willing to pay ransoms to cybercriminals. At least 23% of health organizations paid a ransom in 2019, according to Infosecurity Magazine.

What common questions do healthcare businesses have about cybersecurity and their remote employees?

How do we reduce the risk of the attack on a tight budget? 
How do we stay compliant with HIPAA regulations?

What are the proper steps to take when an employee is let go to maintain best practices in cybersecurity?

Business owners are right to be concerned about cybersecurity when firing a remote employee. The former employee should be reminded that they remain under a legal obligation to protect confidential company information even after termination. 

Policy and procedures should be prepared and communicated to relevant managers. This process starts with the IT department. If an employee is terminated, the IT department should be notified to execute the termination procedures. The IT department procedures include revoking access to applications, emails, and VPNs. The IT department may also audit the accounts for confidentiality or security breaches. It’s important to keep records when completing all of the termination procedures. 

What can companies with remote employees do to protect their cloud data?

1. Backup data locally. Even though you will use cloud data, ensure redundancy by backing up data manually to an external storage device.
2. Encrypt data before uploading and storing it to the cloud.
3. Use cloud services that encrypt data. Furthermore, you should use those cloud storage providers that encrypt the data locally.
4. Install anti-virus and anti-malware software. This ensures that the location you are logged in from is secure.
5. Utilize ethical hacking, pen-testing, and vulnerability assessments from third-party professionals. They have the ability to simulate attacks in a safe environment to facilitate the discovery of exploitable security issues.  

How do we ensure work and efforts are not compromised?

There are many ways that attackers compromise confidential data. Both employees and small business owners need to take steps to minimize their risk of being compromised. There are three steps that any business can take to improve their remote cybersecurity. They are installing trusted anti-virus software, maintaining backups of your data, and encrypting your devices.

How do we maintain secure team communication?

Communication is the key to running a successful business. In most cases, remote employees have to use third-party software to communicate. When we use third-party software we lose some of the control over our data. What if the tool we’re using has a security vulnerability? With the recent mass adoption of these tools and software (ex Zoom, Microsoft Teams, Slack), it’s essential that each company and its employees perform due diligence when adopting a new tool. 

There are some helpful questions you can ask before adopting a new software tool: 

How secure is this software? 
Do they have a security white paper?
Are there specific controls in place to minimize the risk of attack or data being stolen?
Is the data encrypted?

The video conference software provider, Zoom, recently had serious security and privacy issues but made a significant shift towards more secure communication. Improvements they’ve made include enabling passwords for each session and adding access controls to the host. This prevents unidentified and unwanted access by potential intruders.  Each third party tool for collaboration is different, but many share similar risks that companies can mitigate by enforcing strong passwords, never sharing passwords, managing access and authentication control, updating software, and not clicking on malicious links.

How do we securely access the company network?

You have three options for accessing the company network remotely. Virtual Private Network (VPN), Remote Desktop Server, and third-party software services. The most popular option is a VPN. Other options include using a remote desktop server or third-party software service.