The topic of cybersecurity risks is not new to small businesses. Even before COVID-19, 21% had reported a data breach in their organizations within the last 24 months. What is new is cybersecurity in conjunction with an entire workforce transitioning to a remote working model amid a global health crisis.
While remote working is not inherently risky to small businesses from a cybersecurity standpoint (although we do recommend employing certain precautions), the transition to remote working is just the kind of business disruption that provides cybercriminals the opportunity to identify and exploit organizational vulnerabilities.
Enabling the success of a remote workforce while keeping your business protected requires leaders to acquire new awareness around cybersecurity risks and digital best practices in order to help themselves and their employees keep networks, devices, and data secure.
Here is how I recommend keeping your business cybersecure with a remote workforce.
1) Secure your remote working infrastructure first
The main impact on cybersecurity when a business goes from a central office setting to remote working is that the way your employees connect to the organizational information required to do their jobs changes. Because of this, employees should be diligent with their remote working in two main areas: the security of their devices’ connection to the internet and the security of customer information. Since one in four WiFi hotspots can be hacked in minutes, employees should never connect to company servers through public WiFi or an unsecure home network, but instead use virtual private networks (VPNs) to ensure a secure connection and prevent unauthorized access.
2) Educate your workforce to avoid common scams
It is especially important for a small business’ workforce to be on the lookout for phishing scams that target their professional email accounts. Since professionals aren’t seeing their managers in the office on a daily basis, criminals may deploy more boss/CEO phishing scams in hopes of capitalizing on the fact that employees are more likely to respond to a message they believe to be from their manager. In addition, the Federal Trade Commission has recently reported a significant increase in coronavirus-related fraud complaints that have separated consumers from $23.3 million dollars, to date. Even before the pandemic, phishing scams run through Office 365 had been trending upward, including a 250% increase over the last year.
3) Remember, protecting your employees also protects your business
Because it’s easier for a company’s data to be breached when as few as one employee’s information is exposed, employees and contractors continue to be targeted by cyber criminals as entry points to institutional data. While 81% of all company data breaches are the result of identity theft, there is some good news – professionals with identity theft protection are nearly three times more likely to be aware of a compromised identity than those who do not.
As remote working becomes our new normal, prioritizing cybersecurity measures across your business can protect your organization from the devastating effects of data breaches that can not only result in financial loss, but also the loss of critical client trust. Although the planning and resourcing investment may seem daunting on a small business budget, remember it is far more daunting and costly to restart your business after a cyberattack than it is to prevent one in the first place. As 35th president John F. Kennedy once said, “There are risks and costs to a program of action – but they are far less than the long-range cost of comfortable inaction.”