With many businesses now working remotely, it is even more important that business leaders and those responsible for risk management consider and address good cyber hygiene practices and steps as it is almost inevitable that cybercriminal activity will surge during this crisis as they seek to exploit and take advantage of this already stressful and demanding situation.
What should businesses be doing to ensure good ‘cyber hygiene’
Businesses should be frequently reminding their workforce about the basics of good cyber hygiene which would include:
- Reporting suspicious emails to the IT or other appropriate department and thoroughly checking the providence of emails to make sure that the email is genuine.
- Ideally emails should not be sent to employee’s personal accounts as these can be less secure than accounts within the businesses firewalls.
- If receiving an email from a personal account rather than a business account extra attention should be given to examining the email header and the contents of the email to ascertain whether this could be a phishing attempt.
- Not sharing any personal or financial information by email unless it is sent through a secure email facility to a verified recipient.
- Being aware of social engineering, namely a phone call or email purporting to be someone representing the government or technical support.
- Ensuring that data is regularly backed up to a secure location.
- Ensuring that passwords are made as strong as possible and perhaps more frequently changed.
- Only using or visiting trusted sources for information
Whilst social distancing is possible, cyber-distancing is not. The only way to combat cybercriminal activity is to be hyper-vigilant.