FTI Journal
FTI Journal | Critical Thinking at the Critical Time
 

How to Protect Yourself and Your Employees in a Remote Work Environment

How to Protect Yourself and Your Employees in a Remote Work Environment

With organizations shifting to remote work environments due to the coronavirus pandemic, FTI Cybersecurity offers advice to strengthen cybersecurity at this crucial moment in time.

T

he cascading implications of the COVID-19 outbreak on the global workforce are immense, not least of which is the shifting of entire teams to remote working environments. While priority number one is and should remain our collective health and safety, FTI Cybersecurity considers how the increased cybersecurity risks that come with the shift can be mitigated or avoided.

Helping employees protect themselves and your organization

1. Make your employees aware of the increased threat: Employees who find themselves working from home or in a location other than the office must be aware of the specific cyber threats they face. Cyber criminals still attempt to exploit the human element when we're conducting business in the more secure environment of the office; but they can be even more dangerous when we’re deployed in a remote working environment. Encourage employees to review their cybersecurity awareness training, and if they have not participated in such a training, provide them with guidance on how to spot a phishing email, one of the simplest yet common forms of a cyber attack. The evidence of the last few weeks certainly suggests that malicious cyber actors are exploiting the public’s concerns about COVID-19 to launch social engineering attacks resulting in people opening harmful links or attachments.

2. Protect vulnerable home networks: Many individuals are unfamiliar with the significant security vulnerabilities that are present on their home wireless networks. With relative ease, cyber criminals can use simple tools, like an antenna, to eavesdrop on Wi-Fi traffic from the comfort of their own cars. Prevent unwanted eavesdropping by using encryption whenever possible and only accessing secure websites (i.e., those that begin with “https”).

3. Change your credentials: Many users often do not update the default login credentials on their Wi-Fi routers. These credentials are commonly known and shared by malicious actors, allowing easy entry to home networks. Anyone working from home should change their default credentials immediately. (Consult your device’s operating manual for guidance.) Unfortunately, login credentials aren’t the only way unauthorized users can gain entry.

4. Secure all online devices: Any Internet-connected device can be used as an access point to a home network. This includes mobile devices, such as a cell phone or tablet, and smart devices, like Google Home or Amazon’s Alexa, which often have inherent vulnerabilities. Individuals regularly use the same Wi-Fi network for all of their home devices, meaning if a malicious actor is able to gain access to one device, they can then jump to others. Protect these devices by strengthening the complexity and uniqueness of their passwords.

5. Keep your virtual desktop clean: Whether it’s intellectual property, customer information or confidential data, it’s common for individuals to have sensitive files on their work laptops. And even if an employee’s laptop is free of this type of data, if the machine is compromised, it can be leveraged to gain entry to their organization’s systems and networks. Additional cybersecurity measures need to be implemented when working remotely to ensure the protection of valuable information, such as not downloading sensitive information and transmitting this data via unencrypted email.

Three key steps to help your employees

• Use a virtual private network ("VPN") to allow for an additional layer of security and provide an encrypted connection. Even if cyber criminals are able to intercept network traffic, they will be unable to decipher the information if it’s encrypted.

• Implement multifactor authentication as a useful deterrent if malicious actors have a user’s credentials. This prevents stolen login information from being used, since the hacker would also need access to an individual’s physical device, like a mobile phone, to receive the secondary information needed to login.

• Keep operating platforms updated to ensure that gaps to known vulnerabilities in software/firmware and in-home devices are fixed. Cyber criminals routinely target low hanging fruit, usually existing gaps that have failed to be patched, since it’s an easy access point. Performing regular updates will eliminate obvious points of entry.

FTI Cybersecurity has published numerous cybersecurity articles highly relevant to the Coronavirus era: Here are steps to stay protected while connected to Wi-Fi, both at home and in public. This article offers 10 ways to protect mobile devices

Just as cybersecurity threats are always evolving, so is the COVID-19 outbreak and related cyber attacks. The FTI Cybersecurity team will continue to track cyber activity related to the virus and provide regular guidance and support.

 

Published March 2020

© Copyright 2020. The views expressed herein are those of the authors and do not necessarily represent the views of FTI Consulting, Inc. or its other professionals.

About The Authors


Joshua Burch
Joshua.Burch@fticonsulting.com
Senior Managing Director
Head of Cybersecurity, EMEA
Forensic & Litigating Consulting
FTI Consulting

Kate Brader
Kate.Brader@fticonsulting.com
Managing Director, Cybersecurity
Forensic & Litigation Consulting
FTI Consulting

Share This

Practices


Forensic & Litigation Consulting
The Forensic and Litigation Consulting practice at FTI Consulting provides multidisciplinary, independent dispute advisory, investigative, data acquisition/analysis and forensic accounting services to the global business and legal community. Our team supports clients facing high stakes litigation, arbitration and compliance investigations, and regulatory scrutiny.
Read More

Related Articles

  • How to Protect Yourself and Your Employees in a Remote Work Environment

    Protecting Data is the Smart Thing to Do. It’s Also Good for Business
    The road to data compliance is both challenging and rewarding. With the General Data Protection Regulations (GDPR) now in effect, here’s how companies should act.

  • How to Protect Yourself and Your Employees in a Remote Work Environment

    Stay Protected While Connected: Wi-Fi Safety
    Think your Wi-Fi connection is secure? Think again. Whether at home or in public, the connection may leave a window open for nefarious actors to climb inside your digital life. In the third of four articles for National Cybersecurity Awareness Month (October), FTI’s cybersecurity team presents essential best practices for protecting your wireless connection.

  • How to Protect Yourself and Your Employees in a Remote Work Environment

    How Can We Better Protect Our Medical Devices When It Comes to Cybersecurity?
    Managing Director Brian Stites of FTI Cybersecurity answers a question that few contemplated until recently, but must be seriously considered as more life-saving devices come online. This is the second in our series for National Critical Infrastructure Security and Resilience Month (November).

Latest Articles

Related Articles

  • How to Protect Yourself and Your Employees in a Remote Work Environment
    Protecting Data is the Smart Thing to Do. It’s Also Good for Business
    The road to data compliance is both challenging and rewarding. With the General Data Protection Regulations (GDPR) now in effect, here’s how companies should act.
  • How to Protect Yourself and Your Employees in a Remote Work Environment
    Stay Protected While Connected: Wi-Fi Safety
    Think your Wi-Fi connection is secure? Think again. Whether at home or in public, the connection may leave a window open for nefarious actors to climb inside your digital life. In the third of four articles for National Cybersecurity Awareness Month (October), FTI’s cybersecurity team presents essential best practices for protecting your wireless connection.
  • How to Protect Yourself and Your Employees in a Remote Work Environment
    How Can We Better Protect Our Medical Devices When It Comes to Cybersecurity?
    Managing Director Brian Stites of FTI Cybersecurity answers a question that few contemplated until recently, but must be seriously considered as more life-saving devices come online. This is the second in our series for National Critical Infrastructure Security and Resilience Month (November).

Latest Articles

It looks like you're enjoying this article. If you'd like to receive email updates from the FTI Journal, please consider subscribing.
The views expressed in this article(s) are those of the author and not necessarily those of FTI Consulting, Inc., or its professionals.
©Copyright, FTI Consulting, Inc., 2012. All rights reserved.

https://ftijournal.com/article/how-to-protect-yourself-and-your-workers-in-a-remote-work-environment