Pre-COVID-19, remote work was offered to a chosen few who wanted to do it and had the spare space to accommodate a home office. Now, working from home is the new normal, and companies are transitioning to a floor full of bodies to everyone meeting via teleconferencing. While remote work is a unique opportunity for a lot of workers used to spending hours commuting to and from work, cybercriminals view this setup as an opportunity to widen their attack net. According to the FBI, cybercrime reports quadrupled during the COVID-19 pandemic.
Cybersecurity and Healthcare.
For some twisted reason, attackers seem fixated on targeting hospitals, healthcare workers, medical research facilities, and anything connected to the industries that are saving lives, including remote workers. Disruptions include phishing attacks, social engineering attacks, identity theft, and other dangerous threats that cause massive financial losses or petabytes of big data stolen. With the rise of cyberattacks targeting remote healthcare consultants and workers, a robust cybersecurity solution and proper cyber hygiene are more important than ever to stay safe online.
What is Cyber Hygiene?
Cyber hygiene is a collection of best practices that help keep computers, data, and online accounts well protected from outside attacks. Cyberthreats include malware, trojans, ransomware, phishing attacks, identity theft, DDoS/DoS attacks, and other threats. Much like personal hygiene that can help maintain good health, cyber hygiene can help keep remote healthcare workers stay safe online and keep their system running in top condition.
Measures to Help Improve Cyber Hygiene and Cybersecurity.
If your organization is working remotely during this COVID-19 pandemic, here are some of the most critical measures to keep your data safe from cybercriminals.
Use a VPN.
A Virtual Private Network or VPN can help encrypt and anonymize your online activities from prying eyes. When configured correctly, VPNs can also extend your private network and enable other remote workers to send and receive data as if their computers were directly connected to the company’s private network. VPNs let IT departments sequester critical information and can prohibit users from taking data outside of the VPN environment.
Use Strong Passwords and Enable Multi-Factor Authentication.
Never use the same password twice and create a strong one for every account. Either use a password string of three to four random words or use an encrypted password manager to handle the creation and storage of passwords for you. Enable Multi-Factor Authentication or MFA on all accounts for an extra layer of security using your phone, an app, or an external authenticator.
External Email Stamps.
Using external email stamps to identify messages that come from outside your network or internal systems can help defeat phishing attacks. This type of branding can be added to any email system. When anyone in your organization receives a message claiming to be from someone within your company but has the “EXTERNAL” email stamp, it’s likely to be a phishing email.
Don’t Use Unsecured Email.
Always use your organization’s email and never forward essential documents to a personal email account. Moving critical information back and forth between secure and non-secure systems may put your company’s data at risk.
Video Teleconferencing Security.
Since everyone is staying home and social distancing is encouraged, meetings are all done via video teleconferencing. However, according to the FBI, some of these platforms are easily hijacked and disrupted by hate images and pornography. If you’re holding a team meeting with fellow remote workers, ensure that the app or program you use is running the latest patch and has end-to-end encryption as its default setting. Make sure that your meeting is private, password-protected, and only one person can control access.
Be Careful with Attachments and Hyperlinks.
Be extra cautious when dealing with file attachments. If you didn’t expect an email or an email with a file attached, contact the sender directly via phone, text, or separate email and verify everything. Please don’t reply to the email or forward it to anyone else, because the sender could be a hacker casting a net and tracking your actions. Your best defense against hyperlinks is not to click it without scrutinizing it. Look for spelling or grammar mistakes, fake names, and poorly rendered images. Verify with the sender and search for the actual URL online. Avoid working on smaller devices such as phones and tablets because fake links are easier to miss on smaller screens.
Social Media Exposure.
Limit what information you share about yourself and your organization online, especially on social media platforms. Take extreme precautions when sending messages and sharing details about your organization’s COVID-19 response or other coronavirus-related info via an attachment or link. Cybercriminals are actively hunting for this information because it’s crucial at this time.
Remember, always stay vigilant and ensure that everyone in your organization practices the proper cyber hygiene steps mentioned above. Healthcare consultants, workers, and front liners are critical to helping the nation heal as one.