The current year has been disruptive for businesses around the globe. The ongoing 2020 Covid-19 pandemic has forced companies to make WFH a regular option, and for at least a year to come, we will have to deal with social distancing and related protocols. As more employees work from home and companies continue to operate in complex & hybrid IT environments, cybersecurity remains a concern. Cyber threats come in various forms – right from backdoor exploit to phishing scams and malware attacks.
This brings us to the question – Is your company doing enough for cybersecurity in 2020? Here’s what every company must focus on, particularly in current times.
- Create WFH policies. From recommending a premium VPN for your employees, to offering them devices to work from home, there are various steps that companies can take, depending on their budget and requirements. When employees are working from home, you want them to be productive and more careful about how they access company resources.
- Guidelines for password management. Creating strong & long passwords is important, and you may have to recommend a password management tool for your employees. Ensure that employees don’t make mistakes like retaining default passwords, using same password for different devices and accounts, and reusing old passwords.
- Consider added security. For ensuring better cybersecurity in 2020, you have to add extra layers of protection. A good idea would be to enable lockout feature for accounts and devices, so that brute force attacks can be prevented. Next, use two or three-layer authentication where needed.
- Focus on access. From managing access to your IP cameras and recorders, to handling servers, networks, and other networked devices, there should be a clear means to manage access rights. If possible, go for a reliable Identity & Access management suite.
- Spend on training. Regular webinars and web meetings can be handy in training employees for cybersecurity in 2020. This year, employees would have to handle a lot more risks on their own, without direct assistance from the security department, so they need to be updated.
Finally, don’t miss on having an incident response plan, so that everyone knows what must be done in time, so as to reduce damage and consequences, in case a breach occurs. The idea is to prevent security breaches and cyberattacks in the first place, and for that, nothing will matter more than collaboration between teams and people within an organization.