Despite Covid-19 small businesses are still open to cyberattacks. Only recently, Troxell was informed that scam calls are being made to clients, asking for personal information, as well as payments over the phone.
With all the chaos around us, it is important to stay alert to scams, frauds, and cybercrimes. Most businesses have been forced to have employees work from home. I want to share a few tips and reminders to keep in mind if you have remote workers handling sensitive information.
Train employees on how to detect and respond to phishing attacks.
Criminals prey on unfortunate circumstances, seeking to capitalize on victims during times of panic and hardship. Our current situation is no different. Cyber criminals have been known to pose as charities and legitimate websites to lure victims into sending money and revealing personal information. Individuals should scrutinize any emails, texts and social media posts, be cautious when clicking any links and attachments. Specifically, employees should be instructed to avoid clicking links from unsolicited emails and be wary of email attachments. Never give out personal or financial information via email, even if the sender seems legitimate. Never respond to emails soliciting personal or financial information. Verify a charity’s authenticity before making any donations.
Have a virtual private network (VPN) in place, and ensure employees are using it to access company systems and data when working remotely.
VPNs encrypt internet traffic, which can be particularly useful when your employees are connected to a home or public network. Furthermore, it could be beneficial for your company to prohibit employees from accessing company information from public networks altogether.
Mandate the use of security and anti-virus software.
This software should be up to date and include the latest patches.
Consider security precautions for mobile devices.
Proper phone security is just as important as a well-protected computer network. A smartphone could grant access to any number of applications, emails and stored passwords. Depending on how your organization uses such devices, unauthorized access to the information on a smartphone or tablet could be just as damaging as a data breach involving more traditional computer systems.