As most of America’s office workers have now been uprooted from their desks and sent home, many are creating dangerous gaps in their companies’ defenses without even knowing it.
How do I know? Because I am a hacker.
Happily, my colleagues and I are the good guys. What we do helps companies better defend themselves. And because we do what we do, we also know what hackers know.
Here’s what they already know about you, along with some tips for making yourself a much harder target during this COVID-19 emergency.
— You’re hungry for news
Hackers know you’re uncertain about what’s happening across the country and around the world. That makes you more likely to click on a malicious news link that could download an exploit to your machine and infect your entire network. Avoid this threat and …
— Go to the source
For the best, most up-to-date information, go to trusted government or news media websites — sites you know and have visited before. Not only is this safer for your network, but you’re also likely to get more reliable information than you would from other places.
— Your IT staff is overwhelmed
Maybe you brought your laptop home from work, or maybe you’re using your personal device. Either way, it’s critically important that you use a virtual private network (VPN) to access your company network securely. If you have trouble accessing it or getting logged in, you may be tempted to simply work around it if that’s an option. What you should do instead is …
— Ask for help (and be patient)
Your help desk team and/or network administrators are there for a reason. They may be dealing with many more remote workers than they are accustomed to, so they might not be able to get to you immediately. But extra security is worth the wait.
— Your internet is slower
We all get frustrated with our connection and download speeds occasionally. That’s especially true now that so many of us are doing business across connections that were meant for home use. Hackers know that and hope that you’ll try an unsecured access point or disable your spam and virus filters or endpoint protection. Either could be disastrous, so a better idea is to …
— Keep work and personal data separate
Don’t download music or stream video over your VPN because it will slow down everyone’s connection. Likewise, don’t store any work-related files on your personal devices. Your company network and devices are configured to optimize security. Make sure all work stays in that environment. And never, ever disable the services that protect you.
The COVID-19 crisis has made times hard for countless companies of all sizes.
Sound cybersecurity practices may or may not make business better, but they can certainly keep things from getting much worse.
___
Bonnie Smyre is the chief operating officer for Raxis, an Atlanta-based penetration-testing (ethical hacking) company. Raxis has been hired to challenge, evaluate, and strengthen the cyberdefenses of some of the largest corporations in America.