Telework has exploded in the era of COVID-19, and many Americans will likely continue working from home long after the virus-related shutdowns have ended and businesses are reopened. With teleworking on the rise, now is the perfect time for employers to make sure they protect themselves from hackers who prey on small businesses that don’t have the benefit of large cybersecurity budgets. Although small businesses might not have the time or resources to hire dedicated IT specialists, or provide their employees with cybersecurity training, there are still some easy steps they can take that will go a long way towards warding off hackers.
- Beef Up Your Passwords
Avoid using simple or easy-to-guess passwords such as names or birthdays. Hackers have been known to use programs designed to continuously test out every combination of letters and numbers until they get a match. Experts recommend that you take these preventive measures:
- make your password at least 10 characters
- include a variety of letters, numbers, and symbols
- routinely change your password
- use different passwords for different devices and applications
- Dangers of Allowing Personal Devices
Many teleworking employees use their own personal computers or tablets for work. While this can help small businesses reduce their overhead, it is important that employers make sure their employees’ personal devices are protected. This means instituting a personal device policy that provides clear guidelines on approved apps, malware protection software, IT support, and data encryption.
- Avoid Public Wi-Fi
Hackers often set up their own public networks disguised as legitimate hotspots (e.g., fake Starbucks networks). Small businesses that allow their employees to work from home should ensure that they do not rely on public networks. Even if your employees aren’t deceived by phony networks, public networks are still highly vulnerable to motivated hackers.
- Be Wary of Phishers and Pharmers
Two commons techniques used by hackers are “phishing,” in which a hacker will request personal information while disguised as a reputable source, and “pharming,” in which a website’s traffic is redirected to a fake site designed to steal your information. Employers should instruct their employees never to respond to, or click on, any links contained in suspicious emails. Employees should also be instructed they should never enter personal information into a pop-up window disguised as a legitimate site. Fraudulent websites can sometimes be identified by misspellings, poor grammar, and unprofessional design. Employers should also consider investing in anti-phishing software that employees can install on their home computers.
Follow us on: