WFH opens up whole new horizons in terms of flexibility, productivity, and cost savings. But, it also opens your business up a little more to cybercriminals, as you can’t have a hands-on approach to cybersecurity, especially if your employees are using their own devices for work. This blog discusses some mechanisms that you can use to mitigate the risks of becoming a victim of cybercrime in the WFH setup.

Multi-factor authentication (MFA)

Instead of using a single password for data access, multi-factor authentication adds more layers to security. If WFH has your employees accessing their work computers remotely, then you simply cannot skip multi-factor authentication. Multi-factor authentication works by confirming the identity of the user across three areas:

1. What they know: Examples include asking for User IDs, passwords, answers to ‘secret questions’, verification of their date of birth, etc.
2. What they have: This includes physical tokens, access cards, OTPs (one-time-passwords) sent via text or email, etc.
3. Who they are: This authentication mechanism includes biometric authentication such as retina scan, fingerprint, or voice recognition.

While the third kind of authentication (who they are) may not be easy to implement in a WFH scenario, you can still use multi-factor authentication to include the first two options.

The Cloud

Using the cloud to store your files presents a lot of advantages in the WFH environment if you choose the right solution. It certainly saves time and effort as files don’t have to be emailed, transferred by removable media or whichever free file-storage solution the employee uses. The right solution eliminates version control challenges, and ensures timely access to data. But, did you know that you can also leverage the cloud to thwart security threats presented by the WFH scenario? The cloud lets your employees work safely from anywhere and can offer more safety than local data storage mechanisms. A good cloud solution encrypts the data in storage as well as in transit. This combined with authenticated access means more obstacles for unauthorized access to confidential information compared to accessing on an average personal computer. With the right solution, the chances of data loss are minimized and good solutions also protect against malware. Unlike data on computers, which can be lost if their device malfunctions, is stolen or otherwise compromised, any data put in the cloud stays there.

Employee Training

Did you know that lack of knowledge is one of the major reasons behind companies and individuals becoming victims of cybercrime? All it takes is one wrong click to open the floodgates, and the only way to stop that from happening is to train your employees on cybersecurity best practices. Training will not only provide them with a clear set of do’s and don’ts, but also help them identify situations where they may be a possible target. Training on cybersecurity best practices can cover a wide range of topics, but here are a few that should not be missed:

• Password hygiene
  • What does a good password look like?
  • Why is password sharing an absolute no-no?
• How to identify phishing attempts?
• Why is it important to install software updates and patches on a timely basis?
• Data storage best practices
• The risks associated with public WiFi such as those at malls, coffee shops, or airports

You can also conduct mock drills to see who grasps these concepts and who needs further training.

An experienced MSP can help you overcome the cybersecurity challenges propelled by the WFH scenario. They can put your mind at ease by taking care of everything--from cloud solutions to employee training, and beyond.