The COVID-19 pandemic has forced businesses to rapidly scale up remote working. Before the 2019 Novel Coronavirus outbreak, many employees were spending some of the week working remotely but now businesses have had to allow virtually the entire workforce to work from home. While there are signs that the lockdown measures are having an effect and the number of new cases is starting to level off, it is likely to be some time before lockdowns are eased and life can return to normal. Even when governments start to ease restrictions, it is likely that most employees will have to continue to work from home for many more months.
Protecting a Remote Workforce from Cybersecurity Threats
At TitanHQ, we have seen the number of COVID-19 and Novel Coronavirus-themed phishing emails steadily grow over the past few weeks. Now, huge numbers of phishing emails are being sent that use COVID-19 as a lure to get remote workers to divulge their credentials or install malware. The email campaigns are highly varied, with some of the most common lures being the offer of a cure, information on how to protect against infection, advice to avoid transmission of the virus, and offers of the latest data on local cases.
One of the problems for IT departments is employees want all this information, so there is a high chance of at least some of those messages being opened by employees if they arrive in inboxes. Infected email attachments may be opened and clicks on links will see employees visit phishing websites where credentials are harvested or malware is downloaded.
Entire households are self-isolating together and schools are closed. Demands are being placed on employees that do not exist in the office, which means that concentration lapses are likely to occur, and that increases of a response to a phishing email.
It is therefore important for businesses to take steps to reduce risk. Cybersecurity awareness training for the workforce is critical to make employees aware of the threat of cyberattacks while they are working remotely and to reinforce education on cybersecurity best practices when working remotely. It is also essential for cybersecurity measures to be implemented that can reduce the risk of employees encountering a threat, and make sure that threats are neutralized if they are delivered.
Two Cybersecurity Solutions to Improve Protection for Remote Workers
There are two important cybersecurity solutions that can help in this regard. A powerful email security solution is required to improve the detection of phishing and malware threats and a web filtering solution to block attempts to visit malicious websites.
You will already have some email security measures in place to block spam and phishing emails, but for many businesses this will be the standard protections provided by Microsoft with Office 365. While Microsoft’s baseline level of security, provided through Exchange Online Protection, is reasonably effective at blocking spam email, it is far less effective at blocking phishing attacks and zero-day malware threats. Given the volume of phishing threats now targeting remote workers, you should consider bolstering your email security defenses by adding an additional layer of security on top of Exchange Online Protection.
SpamTitan Cloud is a powerful email security solution that will provide superior protection for Office 365. SpamTitan Cloud compliments EOP and will improve protection against the full range of email threats, including zero-day threats that often sneak past EOP. SpamTitan Cloud scans inbound email and uses machine learning techniques to identify never-before seen phishing threats and outbound email scanning to detect already compromised mailboxes and block spamming and malware distribution. Malware protection is improved with dual antivirus engines and sandboxing to detect and block zero-day malware threats. SPF and DMARC are also incorporated to identify and block email impersonation attacks.
Protection from web-based threats is also important. WebTitan Cloud is a powerful DNS filtering solution that can be used to protect workers on or off the network. Businesses can apply filtering controls to prevent employees from visiting malicious websites and stop work-issued devices from being used to access risky websites and those that serve no work purpose. In addition to blocking malware downloads and curbing cyberslacking, the solution can also be used to prevent the installation of shadow IT – the downloading and installation of unauthorized software solutions.
Both of these solutions can be implemented by businesses and MSPs remotely without the need to install any clients. They are easy to implement and maintain, and both solutions are extremely well priced.
For further information on improving cybersecurity for your remote workers, give the TitanHQ team a call today.