The recent increase in employees working from home as a result of COVID-19 brings an increased risk of cybersecurity threats.

With 25 percent of Canadian organizations now going entirely remote and 85 percent going remote with at least half of their workforce, it’s important to keep up with appropriate cybersecurity measures.

Develop an emergency policy for employees working from home

Consider developing a new, written work from home policy that goes into effect only during emergencies. This policy can account for all special considerations that are different from your original policy, which may need to be reverted back to once the emergency ends.

Employees working from home should connect to a virtual private network (VPN)

A VPN can provide a direct connection to the organization’s normal applications, similar to if the employee was connected directly to the organization’s network. This can hide the user’s IP address, encrypt data transfers in transit and mask the user’s location. If the organization already has a VPN, ensure that it can handle the extra bandwidth from the sudden influx of new remote users.

Ensure software is updated

All devices being used for work should be secured with up-to-date firewalls, antivirus, anti-malware and data encryption software.

Enforce basic cybersecurity practices

Reinforce the importance of basic cybersecurity practices, such as using strong passwords and refrain from connecting to public Wi-Fi.

Avoid using removable media

Keep the use of removable media such as USBs, SD cards and discs to an absolute minimum and never use it as the sole storage location of valuable data.

Limit employee access

Rather than allowing employees access to all programs and resources, grant them access to only the programs and resources that are essential to their duties.

Review These Common Cyber Security Terms

Part of practising effective cyber security at your organization includes understanding and correctly using industry terms. Stay in the know with these common cyber security terms:

• BYOD (Bring Your Own Device): Refers to employees bringing their own mobile devices such as cell phones or tablets to work and using them for work purposes.
• IoT (Internet of Things): Refers to the web of devices connected to the internet—including computers and mobile devices, as well as non-traditional devices like office heating and air conditioning, doorbells, smart lights and smart speakers.
• DDoS (Distributed Denial of Service): A type of cyber attack that attempts to overload the entire network until it collapses.
• Blockchain: A type of database commonly associated with bitcoin that uses a chain of data chunks designed to prohibit the alteration of any data without affecting the rest of the chain.
• Deep Learning: A new type of artificial intelligence that uses algorithms to create neural networks inspired by the human brain.
• Phishing: A common type of cyber attack soliciting private information in an attempt to fool a user into divulging confidential personal and financial information.
• VPN (Virtual Private Network): A tool used to route your device's internet connection through a private server rather than your internet service provider (ISP), thus masking your location and encrypting traffic.

Consider Ontario Cyber Insurance

Even if your business enforces all of these measures, cyber criminals continue to find new ways to attack businesses of all sizes. Cyber insurance in Ontario can help protect your business from many types of cyber threats.

Contact a Scrivens cyber insurance broker today to get a quote for your business.