Lock down three things now: how your team treats incoming email, how secure their work-from-home machines are, and how they handle passwords. A crisis like COVID-19 is exactly when attackers expect you to slow down, and that's when they speed up.
While the rest of us are trying to make sense of a new normal, cybercriminals are working overtime. A distracted business is an easy one. They use the chaos to slip into your network, steal data and passwords, get at your clients' private information, and demand a ransom to give it back.
Cybercrime was climbing before any of this, on track to cause $6 trillion in damages by 2021. History says these people show up in force during a scare. Expect the headlines to shift from the virus to a run of attacks on corporations and small businesses.
Treat every COVID-19 email as suspicious
People are scared and confused, so this is the perfect moment for someone to mail you malware. Your inbox is probably full of coronavirus subject lines right now. Slow down on each one. Check the sender before you do anything. There's a fake cdc-gov address spamming inboxes across the country, and it looks official enough to fool a busy person.
Don't click a link unless it's obvious where it goes. Never open an attachment unless you know who sent it and what it is. Say all of this out loud to your team, especially the people now working from their kitchen tables.
Make work-from-home machines as secure as the office
The other reason attacks spike during a pandemic is that everyone is suddenly working from home. Too many employers stop thinking about security the moment the team leaves the office. That's a dangerous habit to fall into.
Three things to get right. Keep employees off their personal computers and devices for work. Make sure every work-at-home machine has its firewall turned on. And don't call your network secure until your team is connecting through a VPN. If you want help getting a remote setup right, we can get your whole team configured.
Fix your passwords before a hacker finds the weak one
In a crisis, your passwords decide whether you spend the next few weeks growing your business or scrambling to recover hacked accounts and stolen data. Reevaluate them now and tell your team to make theirs stronger.
Saving passwords in your web browser is convenient and weak. The browser only asks for one password or PIN to unlock every login it stores, and a skilled hacker can get past that. Once they're in, they take whatever they want: credit card numbers, customer data, all of it.
Use a dedicated password manager instead. It keeps every password in one secured place. LastPass, 1Password, and Keeper Security Password Manager are all solid options.
You and your team already have enough to manage: staying healthy, living more isolated, keeping the business going. Letting your computer and network security slide just hands the people watching for an opening exactly what they want.
Want a second set of eyes on your security or a quick consultation on keeping your data safe? Connect with us today.