From fake online shops to ransomware attacks on hospitals, and cruel phishing emails, COVID-19 has seen a significant rise in cybercrime.
The National Crime Agency has even issued a stark warning that criminals are using the pandemic to scam the public, but as you might expect, the threat extends to businesses, too.
New processes, forced working from home, and ad-hoc system implementation has unfortunately opened doors for cyber criminals to exploit. For many businesses in the construction sector, this is a brand new threat.
Thankfully, there are a few simple strategies you can implement to protect your business in the wake of COVID-19.
It all starts with remote workers
Chances are, you’ll have been forced to implement remote working for some or all of your staff. And, while it may have resulted in an upturn in productivity, it’ll have presented a fair few technological challenges, too.
This is why you need to put remote workers at the heart of everything you do. Work has now changed – probably for good. The traditional workplaces found in construction, while not entirely a thing of the past, are now far more dynamic. No one knows if, or when, it will be normal to work in offices again.
If you felt ill-prepared for people suddenly working at home, now is the time to ensure they have not only the right resources to do so, but that those resources are correctly protected against cybercrime.
Beyond the security aspects of your dynamic workforce, make sure you focus on up-skilling remote workers in the following ways:
- pair remote workers with senior employees and encourage mentoring;
- identify star talent and those who are the most security conscious and ask them to share their approach to remote work; and
- create an internal learning community where all employees can engage freely, ask questions and exchange information (Microsoft Teams is a great platform for this).
Get serious about your external perimeter
A company’s external perimeter is designed to protect the devices that use external networks outside of your office. It’s always been important, but with more people operating away from HQ, you really need to get a handle on your perimeter.
You can do this by:
- implementing network access control for all devices and enforce security policies;
- implementing a VPN connection for any device (business-owned or personal) which needs to connect to your network from elsewhere; and
- locking down business devices so they have a predefined security configuration which can only be changed by an administrator.
Lean on the big boys, too. For instance, if Microsoft’s Sharepoint looks like a far easier and more secure solution for remote workers, it’s sensible to invest in that form of cyber defence.
Look beyond the cost savings of the cloud
If you’re a recent cloud convert because of COVID-19, that’s great. But it’s important to look past the obvious cost savings and efficiency gains the cloud offers.
You’ll need to adopt formal strategies for cloud apps and storage which are followed, company-wide. Equally, if you think there’s a need to use more than one cloud service, that use should be rationalised; would it not be better to consolidate everything onto one secure platform?
Review your BYOD policy
You probably had a bring your own device (BYOD) policy before COVID-19, but it’ll have really been put to test – or forgotten entirely – over the last few months.
Now is a great time to review your BYOD policy. Look for instances where business calls are routed through personal phones, or where employees are using their own laptops and tablets consistently for work reasons.
They almost certainly will be, and that’s fine, but it demonstrates how important a security-first mindset is now that you have people working consistently or permanently at home.
Need some help?
Adopting to a new way of working and securing your business after COVID-19 may feel like a challenge. But, that’s why we’re here.
We’ve helped a number of financial services clients throughout the pandemic get back on their feet and take advantage of the new world in the most security-conscious way possible, and we can do the same for you.
Just get in touch with our team and ask any questions you might have. We’ll be happy to help.
