Companies across the world have adopted the work from home model to maintain business continuity during the ongoing Covid-19 pandemic.
However, the new model has opened up several security risks. Technology companies have now released guidelines to help companies reduce problems associated with the new work environment.
According to Redmond, Washington headquartered Microsoft, it is common for employees to chat and share more than usual during work from home, even if there isn’t an official tool provided by IT (Information technology) teams. And this could potentially lead to hackers getting access to the company data.
"When employees work outside of their offices, away from the comforts of IT teams and advanced security precautions, they may be left unarmed and vulnerable to attackers,” Vaidyanathan R Iyer, security software leader, IBM India/South Asia said in a statement.
New York-headquartered technology giant IBM recommends that workers only use tools that are provided by the employers to work remotely. It advises employees to consult the IT department at the time of uncertainty.
The Big Blue cautions employees against suspicious emails. The company says it is crucial to check ‘from’ email address and recommends not to open any attachments or links sent by an unknown sender.
Cloud-enabled security and data protection solutions provider Barracuda Networks recently found that email-related attacks have seen an increase of 667% since February-end. The Campbell, California-based company also detected 4,67,825 spear-phishing email attacks between March 1 and March 23.
Microsoft warns employees to expect more phishing attempts, including targeted spear-phishing aimed at high profile credentials. It also suggests companies to keep a clear communications policy.
“Establishing a policy helps employees recognise official messages,” it says. It suggests having a video message rather than an email.
"Organisations have been rushing to embrace technology to allow collaboration and ensure productivity with various tools for video conferencing, chat applications, tech support and so on. The current scenario may lead to a wavering attention towards ensuring cybersecurity, greatly affecting each organization’s security profile,” Mary Jo Schrade, Assistant General Counsel, Regional Lead, Microsoft Digital Crimes Unit Asia said.
The Big Blue recommends ensuring employees are aware of the company's incident response plan and on how to get in touch with the IT department remotely if there is an issue.
The company also suggests that firms implement multi-factor authentication (MFA) where possible. This adds an extra security checkpoint such as confirming a login via password, or the use of biometrics, in addition to a second checkpoint spanning a mobile or email confirmation.
The Big Blue also recommends taking advantage of the cloud when working remotely.
"Don’t download corporate files onto personal devices without the proper authorisation and management tools. If you’re using your personal devices for work, make sure to use your company’s Mobile Device Management solution to ensure you’re staying secure and following device policies,” it added.