1. Don’t take the bait
Phishing remains a popular—and effective—technique for attackers. It is an attempt to steal credentials and obtain sensitive information, often by an e-mail message containing a link to a seemingly legitimate Website. Phishing is the top threat action used in cyber-security breaches, according to Verizon’s 2020 Data Breach Investigations Report. To combat phishing, employees should know how official communications will be sent, treat unknown e-mails and links as suspicious, and have an easy way to alert their IT security team.
2. Improve cyber-security training
Most cyber-security training revolves around workplace use, with passing mention of security best practices while on business travel. Remote work opens the door to risks posed by unknown Wi-Fi networks, shared workspaces, wireless printers, and similar technologies not vetted by IT security. Cyber-security training should include best practices for remote work, covering: working environment, router security, use of a virtual private network (VPN), oversharing screens during online meetings, personal use of company computers, and IT support.
3. Secure collaboration tools
Collaboration tools,…
