Understanding Cybersecurity Risks During the Rise of Working from Home
Experts Report: Assistant Professor Maurice Dawson
During the pandemic so many cybersecurity vulnerabilities that have been highlighted have been really targeted at individuals themselves. So if you build a secure system, the system is secure but it still has a human element—so it's the individual that creates that vulnerability.
Corporations need to adjust their training. A lot of times we get this yearly training that's canned, that says don't give out your password, be careful who you speak to. They need to start training based upon the actual attacks that they receive as an organization and not what's being sent up to the masses. So if it's phishing—any certain type of phishing—then that training needs to address that.
Some other items that you can do, I would start using encryption. So make sure your home folder is encrypted, so if you have to store something you store it there and it's encrypted so if something happens to your actual system it's encrypted. Make sure you have backups, so backup information that you need—so back it up offline and off the network. So make sure you have an attached drive, backup the information, and make sure it's encrypted. And if you're actually going to use any shared drive, any cloud, make sure that any critical information is encrypted before you put on the cloud.
As we continue to work from home, there needs to be a partnership between the company and the employee. Both need to understand that cybersecurity is important. There's controls that need to be in place at the individual's home as well, and so I think that organizations can provide guidelines on how to make sure that their home network is secure.
And if they provide these guidelines, I think a number of employees will follow them, and it will enhance their actual home network and make it secure for not just them but also the organization.