COVID-19 has forced people around the world to work from home. For IT managers, in all industries and sizes of organization, there’s more security risks to deal with. Why? Outside of the workplace, with on-premises tech teams on-hand when things go wrong, there’s a whole host of threats that extenuate for employees working from home.
Remote working heightens cyber-risks
With no boss or co-workers looming over colleagues, there’s more temptation to do personal things on a work device. Like shopping, letting your kids use your corporate laptop for homework, or succumbing to clickbait from untrusted websites. Right now, we’re seeing a rise in phishing attacks related to COVID-19, falsely promising ‘urgent health advice.’
Outside the office, there’s a higher risk your employees may unwittingly unleash a cyberattack. It could happen by doing something as simple as updating a free application like a PDF reader; many free downloads are riddled with vulnerabilities – opportunities for hackers to force access to your machine. If corporate devices aren’t patched properly, it increases the chances those hackers will cause havoc. But now the majority of endpoint devices are remote and not on high speed corporate networks, patching is increasingly difficult.
As the COVID-19 lockdown continues, updates will fall behind the release of new versions, making devices more vulnerable so it crucial to use endpoint solution layers to your advantage.
If you haven’t already, invest in training your homeworking employees to become more aware of cyber-risks. Aside from education, system hardening can help you minimize remote working attacks.
What is system hardening?
System hardening is like locking your house. If you leave the windows and doors open, there’s a higher chance of unwanted guests, but close them, and you’ll minimize the possibility of a break-in.
Imagine this: Your employee has a child who’s been given a USB stick from their school with homework. The school doesn’t have the best cybersecurity, and there’s malware on it. Once that’s on your colleague’s work device, it can be compromised. But by disabling particular devices from accessing your USB ports, you eliminate that risk.
This is an example of system hardening by tightening up access to your devices. So what else can you do? Like this story, it’s simple: start with the basics.
Layers are critical to your cybersecurity defenses
First and foremost, if you don’t have endpoint security protection – security solutions, like anti-malware that helps protect computers from cyberattacks – get it on all devices across your IT network. Many businesses buy endpoint protection just for blocking malware, but there are other layers within the software to protect your devices. Use all the security features, or layers, to your advantage.
Firstly, use features which lets you limit or block specific applications you don’t trust. Next, add a web control layer that blocks particular websites or their categories, which could include social media (unless that’s part of your job), ecommerce or adult websites. The anti-malware layer should be your last defense against cyberattacks: Build the layers from the bottom up so hackers have more hurdles to jump before they get here.
Harden first, invest in new tech next
I work with IT managers in enterprises. About three in four of the people I speak to aren’t using the full features of their endpoint product. The issues they’re concerned about, like ransomware attacks, could be prevented with system hardening, yet there’s a huge push to move onto next-gen technologies which defend by predicting, detecting and actively respond to cyber-threats.
While these solutions are critical for the future of cybersecurity, before investing in more advanced tech, get the basics right first. If you don’t, when you launch new solutions, you’ll spend most of your IT team’s time fixing smaller issues, like cleaning up malware, that could’ve been sorted through system hardening.
Need next-level protection? If you have skilled IT security experts in your team, or you’re handing sensitive customer data, you’ll need more than just endpoint security. Consider upgrading to solutions like Kaspersky’s EDR which offers response and forensic capabilities in the event of a cyberattack.
It’s simple: with system hardening, you’re making each device as resilient to a cyberattack as it can be. With multiple layers of security in place, your IT team will have more time to focus on critical issues and keep the systems running smooth.