Consulting with a Conscience™

A cruciallogics blog

close
Written by Nim Nadarajah
on August 25, 2020

Just when we think it can’t get worse, the pandemic throws us another curve ball.Though many organizations readily adapted to the widespread migration of workers out of their offices and into their homes, there is one factor that has become increasingly risky: security.

It shouldn’t come as a surprise; with so many employees now working remotely, in many cases on unsecured networks and personal devices, cybercriminals have been handed an opportunity to easily infiltrate previously impenetrable data resources. Add to this the increase in online shopping on those same devices, and new direct deposits to bank accounts arriving from government stimulus programs, and imagine the sheer number of new potential contact points for a cybercriminal to leverage for gain.

A recently conducted study found that in the first quarter of 2020 alone, cybersecurity breaches were up by 273%[1] as compared to the same time period in 2019. There are three main types of attacks that have increased:

Ransomware : ↑90%         Destructive Attacks: ↑102%        Island Hopping: ↑33%

For a large company, the average data breach results in the loss of anywhere from 10 million to 99 million records, and a decrease in the company’s value by more than 7%. And where larger organizations or governments may have the resources to survive an attack, a cybersecurity breach can be catastrophic for smaller organizations, especially during an already trying economic period like what we’ve seen with the COVID-19 pandemic.

Securing a Remote Workforce

As we mentioned in a previous blog post, the rush to remote work meant in many cases that a system was devised “on the fly”, with the main goal being the bare minimum: The ability to continue doing business while workers were at home. Now that we’ve proven that it’s possible to transition to a remote working model, the task at hand is very clearly securing the new remote environment.

For most companies, the ability to protect data and work within a secure environment will come down to three factors: Rules, Tools, and Teammates. Let’s take a closer look.

Rules
Now that most organizations have ironed out the expectations and responsibilities of employees regarding working hours, meetings, and submitting work, it’s wise to shift the gaze to guidelines for security. Individual rules will vary depending on the type of work each company conducts, and the type and amount of data that they hold.

That being said, creating rules around which programs and platforms to use will empower a workforce to enhance security at a wide scale. Choose your approved platforms wisely and communicate clearly to the workforce the expectations around adoption.

Another recommendation is to encourage secure digital behaviour habits. These can include increasing awareness around not clicking suspicious links, and how to securely transfer files between team members.

Tools
The predominance of tools like Zoom highlighted very early on that when it comes to security, certain platforms are simply better than others at protecting data. Zoom does present the opportunity for an attacker to hijack a meeting, where programs like Microsoft Teams have security built-in to the back end of the system, a foundational element of the platform.

Choosing the right tools, based first on their ability to produce and maintain secure online environments, will be key to preventing breaches moving forward. Many companies have already made the decision not to return to the office for the remainder of the year at least. Clearly, it’s time to decide on secure software solutions and cloud-based tools and to implement them in a manner that will protect the organization for the foreseeable future.

Teammates
It’s been a common narrative among small to mid-sized organizations since the pandemic hit: Where a small IT team (or even no IT team at all) may have been sustainable pre-COVID, the drastic uptick in cyberattacks, and the challenges of maintaining security remotely have presented a necessity for an increase in IT assistance. Whether achieved through hiring IT professionals directly into the organization, or connecting with a third-party partner in the form of an ongoing relationship, additional IT support is a necessary step as we head into the remainder of 2020.

Work with the Experts
CrucialLogics offers extensive IT support, including cybersecurity protection and the implementation of increased cybersecurity controls. There’s never been a more important time to ensure the security of your remote working environment. Establishing an ongoing program with CrucialLogics allows you to outsource the implementation and maintenance of exactly the infrastructure you need to move your organization towards sustainable prevention of future data breaches.

To learn more about our services, reach out to our team today.

 

[1] CNBC, “Cybercrime Ramps Up Amid Coronavirus Chaos, Costing Companies Billions”, https://www.cnbc.com/2020/07/29/cybercrime-ramps-up-amid-coronavirus-chaos-costing-companies-billions.html

You may also like: