GadellNet is continuing to help all of our clients transition to a work-from-home policy wherever possible. As the earliest concerns of connectivity are beginning to subside, new and perhaps more important concerns of security are beginning to pour in. Once workers leave the secured network of their office, regardless of whether they are fully cloud or server-based, they are immediately putting their company data at risk. Moving at short notice from a trusted office environment to working remotely can create security risks. On top of this, nasty opportunist crooks are already using the coronavirus as subject matter for their phishing scams, hoping that the unwary will click through and hand over passwords or other data.
For the majority of our clients taking advantage of the Guru Sentry security platform, rest assured that you’re taking the right steps to insure your users, hardware and data stay secure while out of the office. We’ve been asked a lot of questions about this lately, so wanted to highlight a few things on how your people and data are protected at home. Guru Sentry employs two components that protect end users when remote work is becoming the norm.
While there are significantly more actions that can take place to limit your cyber security risk, we feel every small business should incorporate the following immediately:
#1 – User Education
It is absolutely critical to educate your entire team on the cybersecurity threat landscape, bad actors, common scams and ways to identify those scams. Our education platform addresses this using a multilayered approach:
- Annual cybersecurity awareness video training
- KnowBe4 publishes high quality, non-technical, user-friendly content and keeps it frequently updated with the latest industry information to make sure your employees stay educated on the types of threats they can expect to experience on a day-to-day basis. They will learn how to spot red flags that will help them separate the legitimate from the malicious emails they receive.
- Frequent Phishing Simulations
- Training is a necessary first step, but without constant reinforcement, the benefits diminish over time. To keep the issue of email security top of mind, we send simulated phishing emails to your users, usually once a month.
- Report Those Emails!
- Using the Phish Alert button, your users can report any suspicious emails they receive for evaluation. If they get an email they’re just not sure about, our security engineers will investigate it and let them know if it’s safe or not.
#2 – Network Traffic Filtering
Cisco Umbrella protects endpoints on the network and while out of the office using a “roaming client” we have installed on your workstation. It proactively enforces policies to prevent users form visiting malicious places on the web. It’s basically your first line of defense on the internet from cyber-attacks such as malware, phishing and command/control callbacks. We leverage your DNS to enforce policies and gain visibility after we deployed it.
#3 – Don’t mix personal and business devices
One of the biggest risks of connected personal devices is the fact that many are unsecured or not secured properly. GadellNet highly recommends not using personal devices to access any company data – ever.
If you have any further questions about these security measures, or if you are unsure of how it works in your own environment, please reach out to us for assistance.