By Pedro Tavares, Editor-in-Chief seguranca-informatica.pt
With the COVID-19 outbreak, companies and governments are taking preventive measures that include teleworking. This can be a turning point in the way we look at teleworking. Despite many advantages, it is important to be disciplined and follow a healthy doctrine so that everything can proceed smoothly and productively.
Teleworking has spread rapidly in recent years. It has been commonly adopted in some countries and not so much in others; it offers advantages and disadvantages for both the employee and the company.
If you feel a motivated person, I can share with you some advantages this mode of work:
Autonomy: This is the most probably and obvious advantage of teleworking (even more than the pajamas and slippers advantage).
Savings on travel costs: In those large cities – and even the small ones- getting to the workplace can consume several hours each day.
The employee’s opinion of the company will definitely improve: Since remote work has a number of important advantages, it is very common that this will influence the employee’s assessment of both the company and his job.
Productivity can be increased: The advantages that teleworking offers should improve the worker’s mood.
Nonetheless, you need to be a disciplined person, or teleworking can turn out to be a nightmare, bringing frustration to your professional life.
Some disadvantages that I can enumerate are:
- Sometimes it is not easy to disconnect, it might be a problem
- Work performance may drop, sometimes
- The worker could feel less identified with the company
- Some extra expenses are generated for the worker
In fact, this work away from the office can increase cybersecurity threats and vulnerabilities. These days, cybercriminals are taking advantage of the teleworking situation to put in place several cyber threats that attract users, such as phishing, online fraud, and disinformation campaigns.
In this sense, the protection of users must be reinforced in this new remote context motivated by teleworking, with four essential solutions: (i) virtual private network (VPN) connection, (ii) multifactor identity verification mechanisms, (iii) Cloud and DNS security, and (iv), device protection.
This is a time where many users are using video conferencing software to perform secure and online meetings.
Therefore, when using software from this nature, do not facilitate, and:
- Disable all functions that are not used, microphone, camera, screen sharing or file-sharing;
- Physically cover the webcam when not in use;
- During screen sharing, disable work-related notifications and ensure that it is okay to share content on the screen background or in other windows;
- Set passwords and do not reuse meeting codes; and
- Request approval from the meeting organizer for guests to access them and their recordings.
In general, here are enumerated some recommendations to protect yourself properly against cyber incidents:
- Use only devices authorized by your organization;
- Do not share these authorized devices with your family members;
- Make sure your home WI-FI has a strong password and, if you haven’t already, take the time to change it;
- Make regular backups to an external device.
- Always use your organization’s VPN;
- Do not open emails or SMS, or click on any unknown links or attachments (beware of phishing related to the COVID-19 pandemic); and
- Do not share professional information on social networks.
For organizations, I can enumerate some measures as well:
- Ensure that the devices are up to date and have an antivirus and firewall enabled;
- Provide a VPN for remote access of your employees to vital information resources;
- Provide secure authentication means for your employees;
- Ensure adequate support in case of incidents or doubts of your employees. Remember that this is a new situation for everyone; and
- Limit access to systems and folders with sensitive data.
Notice that in this unprecedented pandemic situation, teleworking and collaboration tools are crucial. Today, the priority should keep people safe and facilitate their work from anywhere, at any time, and thought any device. With this mindset in place, companies remain connected to their teams and can continue their day-to-day operations safely.
About the Author
Pedro Tavares is a cybersecurity professional and a founding member of CSIRT.UBI and Editor-in-Chief of seguranca-informatica.pt. In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, malware, ethical hacking (OSCP-certified), cybersecurity, IoT, and security in computer networks. He is also a Freelance Writer.
Segurança Informática blog: www.seguranca-informatica.pt
Contact me: firstname.lastname@example.org