Protecting telecommuting: What security rules should be applied to secure your business?
Telework would not have been a common practice until recently.
Containment as a result of COVID-19 has increased the number of such companies that have adopted this means of remote work. However, remote work exposes companies. Because hackers can take advantage of this unprecedented increase in internet traffic for their usual illegal activities.
This article will also interest you: The warning of teleworkers in this time of crisis
So companies are looking for a way to best improve their Cybersecurity. And this is a necessity because, many are these companies that are not well equipped enough to switch to a high-trend remote work system. According to Alexandre Lazarègue, a lawyer specializing in digital law: "France has only begun its digital transformation and is not prepared for the massive telework of employees." This phenomenon was confirmed by David Grout CTO EMEA of FireEyes, in a recent statement: "Many companies see the number of phishing attacks using COVID19 as an argument, increase and user awareness is key"
The phishing system, still called phishing, is widespread. In this time of panic, it is easy to mislead the vigilance of the Internet user or even a professional with an email including a corrupted attachment. It will be enough for the hacker to use simply the magic keywords COVID-19 or coronavirus. Through this kind of sneaky approach that has become increasingly easy, the Different users, in particular companies are exposed to a number of problems such as ransomware.
To protect himself, therefore, the specialist lawyer in digital law, Alexandre Lazarègue, will advise on good practices to put in an app to help vulnerable businesses. his advice you share with:
1- Don't neglect system updates software: "To update software and systems operating operations as soon as they are proposed. These do not bring only new features, they fix vulnerabilities. »
2- Regularly save your data: "Regularly back up data on non-traditional media connected to machines (external hard drive, USB stick). »
3- Fix passwords for any access to your system or terminals: "Passwords must be robust differentiated according to usage. There is also a need to restrict access, to manage rights, partitioning usages. »
4- Use a VPN network for your remote connections: "The employee's connection to the information system business must be secure. It is recommended to use software VPN that creates an Internet connection tunnel that renders what passes through incomprehensible interior for outsiders and makes anonymous. he don't connect to public wifi networks. »
5- Set a management and management protocol verification of incoming emails: "We need to be vigilant in the processing his emails (often used by hackers to infect a woman machine). Never open emails whose provenance or form is suspicious (unknown sender, very impersonal style, text visibly translated in French automatically…). When a supplier, for example, submits a new IBAN number for a transfer, it is necessary to trigger a rigorous verification protocol beyond a simple email exchange. »
6- Avoid the use of computer tools personal in the professional setting: "Use the means secure professionals provided by his company (phone, computer, VPN, etc.). Do not circumvent them, by the use of personal means (e.g.: personal messaging). »
7- Define a computer charter: " The employer can develop an IT charter by which the teleworker is committed to using good practices to keep people safe company's IT.
It is a document of legal scope disciplinary sanctions, but also civil or criminal sanctions, and the basis for which can be attached to the internal regulation. »
8- Essential information must be also on paper: "Edit on paper a directory of validated contacts. »
9- Subscribe to insurance against cyber-attacks: "Ensuring cyber risk is also a possibility even though insurers require a minimum safety base to pay for Risks. »
10- Protect yourself from theft: "Safety cable, visible marking of equipment, automatic locking, encryption. »
Now access an unlimited number of passwords: