Jun 01, 2023
According to a Digital Defense Report published by Microsoft in 2021, the private industry's support of remote work, in addition to factors introduced by the COVID-19 pandemic, has made remote workers a lot more susceptible to the actions of cybercriminals. Per the 2021 Microsoft report, "While most industries made the shift to remote work due to the pandemic, it created new attack surfaces for cybercriminals to take advantage of, such as home devices being used for business purposes."
As you can infer, for companies that employ remote workers, it is important to implement training measures that teach them all about various cybersecurity dangers. But what should the training process look like?
Let's explore some areas of consideration for your training process. These suggestions have been put forth by SANS Security Awareness in its Security Awareness Deployment Guide that covers how to securely work from home. The SANS guide outlines the core cybersecurity risks that remote employees are most likely to face as they work from the comfort of their homes.
Risk No. 1: Social engineering attacks
Social engineering attacks are one of the most dangerous and frequent risks that remote workers face while on the job from home. In essence, social engineering risks refer to situations where remote workers face psychological attacks. In these instances, the social engineering perpetrator tricks remote workers into making mistakes.
The perpetrators do this by taking advantage of vulnerabilities that remote workers deal with during difficult times involving a lot of change. You can think of the COVID-19 pandemic as a prime example of a time when social engineering risks were very prominent.
However, rather than focusing strictly on phishing attacks via email, it is important that employers pay attention to other modes of social engineering attacks, such as via text, over the phone, on social media and through the spread of fake news.
Risk No. 2: Not having strong passwords
A main cause of global data breaches is none other than weak passwords. Though not the only contributing factor, weak passwords put remote workers at risk of having their information stolen or compromised. To counter the likelihood of your remote employees being subjected to data breaches, make sure you train them on the importance of strong passwords and how they can reduce password-related risks.
During the training period, consider addressing the following points:
Risk No. 3: Using outdated systems instead of updating them
Something else to keep in mind is that out-of-date technologies are gold mines for cybercriminals who want to target remote workers. To combat this, take measures to ensure that the operating systems, online applications, mobile applications and other forms of technologies that are used by your remote employees are always updated.
Also, remote employees who use their own personal devices for work-related tasks should be advised about the importance of keeping their systems updated too. For example, remote workers can enable automatic updates, which is especially helpful if updating devices is something your remote workers put off or forget to manually do.
3 more cybersecurity topics to cover in training
For starters, you'll want to let your employees know about the importance of identifying and addressing suspicious online activity. Let your employees know what suspicious activity looks like and how they can report any suspicious activity they see.
From there, let your employees know that if they work remotely outside their own homes, they are still in harm's way given the public nature of their workplace. As such, make sure they consider the cybersecurity threats associated with their daily work routines.
Finally, inform your remote workers about the importance of keeping their work-related technology private. Relay the fact that they should not let unauthorized persons access their work-related technology, including family and friends.
Make it a point to offer cybersecurity training to all remote employees
Training new remote employees on all things cybersecurity during orientation is always a wise idea. For remote employees who have been with your company for a longer period of time, make sure you provide training periodically so that your long-term remote employees are educated on critical cybersecurity developments as they arise.
To ensure that the training you provide to your employees is accurate, up to date and thorough, consider hosting training sessions that are led by remote-work cybersecurity experts.
©2023
Nov 22, 2024
In a recent revenue procedure, the IRS announced changes to health savings accounts for 2025. Now is a good time to look at your situation and consider your options. Click through for a review of the changes.
Nov 21, 2024
When a disaster strikes, it's critical to have a payroll continuity plan — a document outlining the steps necessary to manage payroll through disruption. Click through to learn how to create a multitiered plan that prepares your organization for many possibilities.
Nov 20, 2024
Cost-of-living adjustments affect dollar limits for pension and other retirement-related items for tax year 2025—and your contribution to such accounts increases. Click through to see the IRS stipulations regarding specific retirement programs.
Nov 19, 2024
Between changes to current tax law and uncertainty about how a new president will influence future tax law, planning for the 2024 tax season is challenging. Click through for tips on staying on top of current and proposed tax legislation.
Nov 18, 2024
With a November 2024 decision that overturns major employment changes announced in April 2024, a federal court has ruled against the Department of Labor. Click through for a review of the current overtime status in the wake of this decision.
Oct 24, 2024
As an employer, you should be familiar with which employees are eligible for continuation of health insurance benefits under federal law and what events trigger that coverage. You should also know what kinds of communications are required and when. Read through to learn more.
More News & Press can be found in our Archive.
