Many South Africans are restricted to working from home during the 21-day coronavirus lockdown, and this may result in increased network security risks.
Employees working from their own devices may be using unsecured hardware or be connected to an unsecured network, leaving their systems vulnerable to attack.
This is especially concerning for companies such as banks and insurance firms, as they regularly deal with sensitive user data.
Company-provided laptops can help to protect against these risks, but employees must also make sure their network is secure and they do not expose themselves to malware.
MyBroadband spoke to Checkmark cybersecurity director Rudi Dicks about the potential security problems which arise when employees work from home.
Attacks on remote workers
Dicks said that phishing attacks have increased substantially since the outbreak of the COVID-19 coronavirus.
“Don’t click on links or open attachments from people you don’t know. We’ve seen a significant increase in phishing attacks related to the COVID-19 pandemic,” Dicks said.
“When you combine this with users working from home, we expect to see an increase in compromised devices.”
“Many companies were not ready for a fully remote workforce and, in some cases, security has to be sacrificed in favour of availability,” he said.
Dicks added that remote workers will also be more vulnerable to social engineering attacks.
“Be careful of social engineering – attackers are phoning people at home, pretending to work for the IT department or a service provider, and manipulating those users into giving them remote desktop access.”
“Make sure your data is being backed up and your software is updating – there will be many companies (especially in the SME space) that can’t backup their data while you are at home and a ransomware attack or hardware failure could cost you weeks of work.”
Defending your system
Network and software security is more important than ever when you are working from home, and it is highly recommended that you use a VPN when accessing your office network.
“The antivirus and software you use need to updated regularly to prevent attacks,” Dicks said. “Use a VPN. If you have a VPN connection to your office, connect it before you do any work.”
“This VPN will create a secure tunnel to the office, increasing your security significantly.”
If you do not have an office VPN, you should consider purchasing an annual subscription from a reputable VPN provider, as this will encrypt your data and protect you from many security risks associated with unsecured networks and devices.
Dicks said that remote workers should never use a free VPN. Now would also be an excellent time for users to change their Wi-Fi router’s login details.