How to secure your data when your employees are working form home?

June 27, 2020

With the relentless onslaught of corona virus, unemployment is rising at an alarming rate and people who are lucky enough to still be employed, an enormous majority of the workforce is working from home. Most of the companies were not prepared for this eventuality, a pandemic. And this has brought new security challenges and perhaps a new way of work life to the forefront of what we now exist in, as unfortunate as it is. The attack surface has suddenly expanded, no barriers, no edge, no perimeter and perhaps limited visibility into the WFH mandate. Though many companies were already offering work from home jobs, they have had a well implemented or well-intended cybersecurity program in place. But a majority of companies who were not prepared for this sudden change are now buckling while major MSPs are getting crushed such as that of the recent Cognizant attack. We are all now a target, however major MSPs have had the budgets and at a minimum should have an obsession to protect theirs and their client’s data. With this statement we realize we are creating a ”Theta vs. Goliath” scenario however with the untold fortunes these major MSPs make to the tune of 16.8USD Billion per year it goes to show the impact of 3rd party providers.

According to a report from checkpoint in a poll with about 400 respondents from global organisations with over 500 employees, more than 70% employees reported an increase in cyber attacks since the emergence of the covid-19 pandemic. Phishing emails take the cake with 55% and malicious websites about 31%. These stats support the claim that there is a spike in ransomware activity and we have all been forwarned.

Cyber criminals know very well that humans are most vulnerable during a calamity. Hence, they design their campaign around that calamity. There have been a lot of ransomware attacks based on covid-19 related activities. One vendor saw a 600% increase in phishing mails in the last one month.

As most of the employees are working from home, your data becomes much more vulnerable to ransomware attacks. How do you ensure the security of your employee’s personal laptop? How do you know if his/her home wifi network is secure? What if the concerned employee is handling finance and all the finance related documents get encrypted by a ransomware? What if the concerned employee is handling all your design documents and they get encrypted. You may have to end up paying the ransom and get the keys to decrypt the data, or not. But according to a Forbes report, only 19% of ransomware victims get back the data after paying the ransom.

How do you safeguard your data from ransomware?

  • The first step to better security is training the staff, making them cybersecurity aware. Beginning with security awareness around phishing see THETA432 A.V.A.
  • To secure your data from ransomware, the most reliable method is to have backups.

A 3-2-1 back up strategy is normally used by all and it is one of the safest strategies. In this strategy, three backups are kept. Two are stored on different media and one kept offsite.

With work from home as the new norm, it becomes difficult to ensure that your employee is following the 3-2-1 back up strategy.

This is where Theta432 DRX (Disaster Recovery Exchange) comes into picture. DRX makes it very simple and it automates the backup procedure. All employee data work product will be kept in their own vault to prevent it from becoming encrypted from ransomware which features anomaly detection. In the unfortunate event a computer becomes encrypted we can recover work product and have your users up and running in no time.

Click here to know more.

Authored by

Basheer Ahmed Khan

Theta432 Director of Operations, India