By now you have probably got used to the idea of working from home and have had to deal with the varied challenges that this new way of working brings. Finding a quiet spot among the chaos that often defines family life and getting to grips with technical aspects of support programs like TEAMS, ZOOM, Asana, Power BI etc. The reality is we have just seen another two weeks added to our lockdown period in South Africa, but regardless of where you are, I bet you are already thinking about life post-COVID-19 and that remote working is high on the list of probabilities.
What you have also been made aware of through our recent SATIB Advisory # 5, https://satib.co.za/hackers-take-advantage-remote-working-covid-19/ and various media releases, is the added CYBER threat that the remote working environment brings to you personally, your business and your clients.
We must consider the online risks to our businesses. CYBER Insurance is becoming as important as your home and motor insurance. It is a reality and the risk of you being a victim has never been higher.
Generally CYBER Insurance will respond 4 key areas:
- Rectification costs following a cyber event, which can include a broad range of support for clients, including public relations and legal support and payment of ransomware demands to get your business back up and running as quickly as possible.
- Third Party loss, regulatory fines, legal expenses, and support should there be an actual or alleged breach of your system.
- Liability to third parties should a cyber event result in a loss to a third party. As part of this service insurer will offer legal support to you as the client while handling a third-party claim
- Business interruption costs should a cyber event prevent you from operating for a period.
We encourage you to speak to your Account Executive about putting a policy in place if you do not hold a policy already or get in touch via contact@satib.co.za
Even with insurance coverage, it is good to observe solid risk management procedures.
The following tips for protecting your business while working remotely have been supplied by industry experts:
Maintain Anti-Virus and Anti-Malware Software
Remind employees to install and regularly update adequate security software on all electronic devices they use to perform work remotely. That can be a phone, tablet, laptop, etc. Some employers are eliminating BYOD options and mandating that employees use only employer-supplied equipment and devices.
Power Down
Encourage employees to power down computers when not in use. Powered off, computers are not accessible or susceptible to attacks or intrusions from the internet.
Back Up Data
Regularly backup sensitive information and, depending on the importance of the data, make sure it is encrypted. Secure backups are the best strategy to prevent critical business disruptions in case of a ransomware attack.
Issue security policy guidance and rules
Annual trainings and email reminders from the IT department are not enough to keep good cyber habits top of mind for employees. A fresh reminder can go a long way to reinforce security best practices.
Set up a virtual private network system (VPN)
A VPN system creates an encrypted tunnel that your internet traffic travels through so it can’t be seen by third parties. Setting up a VPN can seem daunting but just requires a couple of hours to configure and isn’t technically difficult. VPN with multifactor authentication should be used, as it is the strongest defence.
Require Use of Encryption and Wi-Fi Protected Access (WPA) to Secure Networks
While no Wi-Fi is totally secure, private, password protected networks are significantly more secure than public Wi-Fi networks – especially those offered in cafes, hotels, and other public places. You can always ask a business that offers public Wi-Fi if private password protected networks are available.
Password-Protect Devices Used by Employees and Third Parties
Require employees to use strong passwords that contain letters, numbers, and special characters. Avoid using the same password on multiple devices/accounts.
Be sure to implement these tips now and get in touch with us to get CYBER Insurance in place to better manage your exposure. contact@satib.co.za