Over the past week, many agency owners have been searching for resources to setup their staff with a remote work environment due to the Covid-19 pandemic. As part of this process, we should take into consideration cyber-security techniques that will help to prevent a potential data-breach. Below are a few suggestions that should help your agency to provide a secure remote workforce.
Company Computers – It is highly recommended to use company equipment that has been configured with anti-malware and anti-virus software. Also, do not let any other member of your household use the company computer.
Phishing Attacks – Be aware of increased phishing attacks focused on the Coronavirus. Do not click on any links unless you are absolutely sure it leads to a secure website.
Secure Home Router – Make sure you have changed the Admin password on your home router along with the SSID password to access the router.
Virtual Private Network – VPNs provide a secure link to your company’s data. VPNs are used to encrypt and add another layer of protection to your company’s data. Find out if your company provides a VPN to their network.
Operating System Updates – Verify your computer has automatic updates set for your operating system, anti-spam, anti-malware and any other software you are using. This will help to keep security patches up to date and hopefully prevent any hackers from accessing information.
Multi-Factor Authentication – If available on your software solutions, use multi-factor authentication to help secure your accounts. In most cases, you will receive an email or text message with a code to type into the system to gain access.
Strong Passwords – Adhere to the agency password policies and make sure you have at least 10 characters in your password. Passwords should include uppercase letters, lower case letters, symbols and numbers.
Automatic Logout – Your business computer should be set to log-out within 10 minutes if not in use. Make sure you do not leave the password out for someone to steal. (No password sticky notes!)
Office Location – Try to find a place within your home where you can close the door and work without interruption. Put a “Do Not Disturb” sign on the door.
Virus Protection and Anti-malware Protection – Make sure your computer is up to date with the latest version of your virus and anti-malware protection software. Set each of these to automatically install updates.
Incident Response Plan – Make sure every remote worker understands the agency’s Incident Response Plan. Know who you need to contact within the organization in case of a potential data-breach.
Email Encryption – For emails that contain Personal Identifiable Information (PII), make sure you encrypt them before sending.
Backups – Make sure you have a plan for backing up your system. Today, there are many different solutions for cloud-based backup which work well for remote workers.
If you have questions, please contact IIANC’s Technology Consultant George Robertson at GRobertson@iianc.com
IIANC members have access to a qualified, insurance agency Technology Consultant to help with a variety of issues including cyber liability planning for your agency and development of a custom Written Information Security Plan (WISP). Learn more here.