Alan Hawkins, General Manager, software & security, Tarsus Distribution
COVID-19 has reshaped our workplaces and many companies are announcing that employees won’t be coming back to the office anytime soon. Large corporates with big technical resources have rapidly put together work-from-home (WFH) policies and systems aimed at securing business data and devices, but what about small-to-medium enterprises (SMEs)?
Here are three ways to shield your business:
- Safeguard devices and data
- Beware the family
- Train your team
1. Safeguard devices and data
Security suites from companies like Kaspersky, Check Point and Sophos generally come with a variety of important features, including antivirus firewall, antispam, and parental control tools. The more advanced suites typically include password management features, ransomware protection, and a virtual private network that will protect your internet connection by encrypting your information and hiding your online activity from cyber criminals.
Should an attack be successful, it is vital to be able to recover your data to ensure business continuity. A backup and recovery strategy should include off-site replication – to an external drive, corporate network, or to the cloud.
2. Beware the family
Just as many office employees are working from home, so too are cyber criminals and WFH has opened many doors for them. Globally and in South Africa cyber security firms have sounded the alarm on the massive spike in phishing and hacking attempts.
It’s important to educate your family about computer security. Discuss with your children why they should never download anything without parental permission or chat with people they do not know. Help them create complex passwords and remind them to change these regularly. We advise against letting family members use your business devices as this increases the risks to sensitive data.
3. Train your team
Employee behavior is a big threat to a business’s data security. Sophisticated phishing techniques, for example, may be difficult to recognise, even more so in WFH situations where there is less opportunity to seek advice.
That’s why employees need appropriate training on basic cyber security principles and practices. Regardless of size, every business should have a cyber security policy in place, and make security the responsibility of every staff member.
Although it is almost impossible to monitor and block all attacks, multi-layered security is the best form of defense in the current threat landscape. Co-ordinated defenses that include software and end–user education have the best chance of stopping online criminals.