COVID-19 Resource Center

March 19, 2020

COVID-19: Tips to Avoid Cyber Security Attacks for the New Remote Workforce

In response to COVID-19 work disruptions, a growing number of organizations have allowed their employees to work remotely.  Cybercriminals will see the increasing number of inexperienced remote workers as an opportunity to strike. 

Due to this, the U.S. Department of Homeland Security has issued an alert to organizations with remote workers "to adopt a heightened state of cybersecurity," citing an escalated risk of phishing and malware attacks as well as ransomware during the pandemic.  The World Health Organization recently warned individuals that cybercriminals are disguising themselves as the World Health Organization to engage in phishing attacks.

With this in mind, here are some measures that workers and companies can take to reduce their vulnerability while working from home:

  1. Make sure your remote workers understand basic security hygiene, including the use of strong passwords and multifactor authentication.

  2. Encourage workers to be wary of and report suspicious emails. Remind them to avoid clicking on any links or attachments that are unfamiliar to them.

  3. Remind workers never to share personal or financial information through an email message.

  4. Ensure that your company is using Virtual Private Network (VPN) services and make sure all VPNs are patched and up to date.

  5. If your company handles personal or sensitive information, consider using encrypted messaging for work communication.

  6. Create a recovery plan in case your company suffers a data breach stemming from work from home conditions. This includes circulating a list of internal and external emergency contacts.