Canadian Underwriter
News

Paid Working from Home: Cybersecurity and the Remote Worker


June 12, 2020   by Trisura Guarantee Insurance Company


Print this page Share

In these times of social distancing and working from home, it’s become even more crucial to ensure strong cybersecurity measures are in place for you and your business. Working from home can pose its own challenges and takes adjusting to; the last thing anyone would want is a cyber breach to occur at the same time. As organizations have moved to a work-from-home state, it can be argued that the risk of cyber exposure is even higher. “With an expanded attack surface, potentially weaker security protocols and distracted employees, this unique situation is just right for highly motivated cyber criminals to make their moves,” states Michael Kalakauskas, assistant vice president and product leader at Trisura Guarantee. “We all need to do our part to stay vigilant and keep our information secure in these uncertain times and there are many ways we can go about this.”

 

Let’s look at some of the most important steps we can all take to ensure a more secure home office:

  • It starts at the beginning with the basics of password management. The employee’s responsibility begins at the login page. Once an attacker knows the username, cracking the password may not be too difficult. To avoid an attacker breaking into your network, here are some password tips to keep in mind:
    • Change your password often;
    • Make your password hard to guess with a combination of upper and lowercase letters, numbers and special symbols; it should not be something related to you;
    • Do not share your password with anyone.

 

  • Organizations should implement a multi-factor authentication process (at least two steps) for logging into a company’s computer or network remotely. This adds an extra layer of security as it requires identity confirmation through a variety of factors. The authentication process could be in the form of security questions, multiple email addresses or sending a code to a mobile device.

 

  • Installing smart and updated anti-virus software can help to alleviate any worries surrounding breach protection. It is recommended that organizations opt for “next-generation” and intelligence-based anti-virus software because these types of virtual shields can evolve like viruses. They are programmed to analyze data, such as unique characteristics, rather than simply to look at signatures.

 

  • Just as it’s important to always press “save” as you work, offline and offsite data backup is also good housekeeping for combating ransomware attacks. Frequent backups, both at the PC and network levels, will prove to be useful should you be required to wipe the system clean and reinstall everything.

 

  • Having up-to-date firewalls and technology (i.e. patching) are certainly important, but it doesn’t stop there: ensuring employees have the proper training and information about cyberattacks is equally important. If an attacker tries to obtain personal information through email, for example, employees who know how to spot suspicious emails are more likely to thwart a possible breach than those without cyber awareness.

 

  • Ensure your WIFI connection is secure and use VPNs (Virtual Private Networks).

 

The above tips are great precautionary measures companies and staff can take to stop a breach, but what is the role of the broker in all this? As there may be some uncertainty surrounding the vast world of cyber, insurance brokers should familiarize themselves with the risks. Brokers can serve as a resource for their clients and spread awareness through news stories and articles that highlight the exposures. “It’s also important to gain an understanding of where their clients may be vulnerable to cyberattacks,” adds Kalakauskas. “Find out your client’s cyber protection measures and help identify these gaps.” With the help of insurance carriers, you can then suggest experts your client can use to strengthen their cyber breach prevention practices.

 

Though there are many controls that can prevent cyber-attacks, remember that the human element is the most important piece of the puzzle. Employee errors cause the most breaches, so if the organization has good employee training and awareness policies, you are well on your way to combating the bad actors.

 

 

This article does not intend to provide legal or technical IT advice. You should consult your own legal counsel or IT professional in connection with matters affecting your own legal or technological requirements or interests.


Print this page Share

1 Comment » for Paid Working from Home: Cybersecurity and the Remote Worker
  1. Bachitter Mehmi says:

    Very valuable information.

Have your say:

Your email address will not be published. Required fields are marked *

*