Remote work has always come with its share of concerns, but as countless businesses have had to quickly scramble to set up makeshift work-from-home environments, hackers and scammers are (unsurprisingly) rushing to take advantage. The quantity of businesses forced into a new and unfamiliar way of working, combined with the chaos that comes along with the crisis the world currently finds itself in, creates fertile ground for criminals to prey upon unsuspecting business owners and their remote employees. It's critical that businesses educate themselves on the necessary precautions and solutions.

Beware of scams that use the COVID-19 to prey on fear

Cyberattacks using Coronavirus-related language began early on during the pandemic, practically as soon as lockdowns started to become the norm around the U.S. These include, but are not limited to, malware attacks and phishing schemes. Malicious emails may disguise themselves as coming from the World Health Organization (WHO) or other reputable organizations. As the pandemic continues to be the main focus throughout the world, expect a great deal more of this, and be wary of any emails you receive. Make sure you know where an email came from before you open it, and avoid clicking on any links in emails unless you are certain that the source is legitimate. Business owners and IT departments need to ensure employees are vigilant about this.

Video conferencing threats

As numerous organizations have rushed into remote working scenarios, use of video conferencing apps has skyrocketed. Zoom®, in particular, has received a great deal of media attention as it has become a go-to for businesses, schools, churches, and families to have video meetings. Unfortunately, that particular company was not prepared for the massive influx of users that came from the coronavirus pandemic, and security and privacy issues became widely reported almost immediately.

A practice that has become known as "Zoom bombing" has affected some users, with bad actors infiltrating meetings and making threats, posting obscene language or hate speech, and some even sharing indecent images with unsuspecting meeting participants.

The guidance from Zoom’s headquarters1 has been to make sure that if a meeting is public, the host should make sure they are the only one who can share their screen. For meetings that are not open to the public, require a password to enter. Similar guidelines should be followed for other apps of this type.

General IT challenges of a remote workforce

Beyond the direct threats, managing a remote workforce from an information technology perspective can itself be challenging.

Small business owners should have regular meetings with IT managers to discuss challenges and concerns that remain, at least until more permanent solutions and policies are well established and they are able to ensure staff are following the correct protocol.

"Having a policy in place will let your employees know what they need to do and how to do it, but providing them with the right tools will also reduce the risks of working remotely," notes Russell Radzikowski at Securicy®.2 "Depending on your company and the role of your employees, these tools may vary."

Such tools may include: a VPN (so network traffic is encrypted), built-in encryption and firewalls on devices, and/or a password manager. Additionally, all operating systems and software should remain up to date to include the latest security patches. Screens should be locked when not in use if the device is being used out of the privacy of the home. Secure connections should always be maintained. The key is to help ensure employees are educated on dos and don'ts.

The reality is that nobody knows how long current social distancing guidelines are going to be in place, but as long as they are, businesses are going to have to adapt to the so called "new norm." Those fortunate enough to remain in business at a time when many are forced to shut their doors completely need to take the proper precautions to ensure security threats don't put them in jeopardy. The good news is that many threats can be thwarted with some employee education and the right policies and practices in place. If you are unsure of where to start or how to proceed, don't hesitate to contact an IT security consultant.

If you have questions or want to talk with one of our bankers about how we are addressing your banking security concerns or how we can help your small business through this crisis, please feel free to contact us. For further information and resources about dealing with the crisis, please visit https://www.nsbank.com/it-matters/coronavirus/.

1. https://apnews.com/94f4446acae487e1eb7cc85e2c176908

2. https://www.securicy.com/blog/working-secure-while-working-remote/

 

The information provided is presented for general informational purposes only and does not constitute tax, legal or business advice. Any views expressed in this article may not necessarily be those of Nevada State Bank. Nevada State Bank is a division of Zions Bancorporation, N.A. Member FDIC