March 31st, 2021
Justin Sheil is the Content Marketing Manager at Electric. He has 5+ years of experience writing about a wide range of technology topics. As part of his role at Electric, he currently functions as the head of the company’s Research & Insights division.
Throughout last year, the sudden shift to remote work created a new realm of opportunities for hackers. This meant cybersecurity became a priority for most organizations if it wasn’t already.
According to IBM’s most recent “Cost of a Data Breach” report, the global average cost of a data breach is $3.86 million. While that may be manageable for large corporations, it could put startups and SMBs, common victims of cyberattacks, out of business.
The IBM report also explored the effects of remote work on data breaches. Of those surveyed, 70 percent said that remote work would “increase the cost of a data breach.” In addition, 76% said that remote work would “increase the time to identify and contain a breach.”
We’ve compiled a list of cybersecurity best practices for employees to follow to create a more robust cybersecurity ecosystem within your organization.
Cybersecurity best practices can be adapted to most kinds of work environments, and developing a plan does not require you to start from scratch. Many IT security experts recommend following the guidelines established by the National Institute of Standards and Technology (NIST) in its Cybersecurity Framework. It consists of five “core” functions that organizations should perform continuously:
Identify - Understanding the current state of your assets and data and who has access to them.
Protect - Creating the safeguards necessary to limit the access and release of sensitive data.
Detect - Implementing tools and actions that can detect breaches or suspicious events.
Respond - Developing protocols that allow you to quickly take action in the event of a data breach.
Recover - Developing protocols that allow the organization to resume normal activity in the case of an incident.
Zero Trust is a security methodology that is centered on the assumption that no person or device inside or outside of a network can automatically be trusted. Users and devices must be authenticated and authorized to access multiple, smaller perimeters to access data. The concept of trust is usually divided into five main pillars:
Once trust has been initially established, then the system will grant or deny access. In addition, it is important to regularly re-verify all of the pillars. Zero Trust architecture is maintained through a combination of protocols including multi-factor authentication, privileged access, and real-time monitoring.
In a time when many employees are accessing company data from everywhere but the office, it is particularly important to have security measures in place to address this change.
Conversations about cybersecurity best practices for employees need to happen more than just during an employee’s initial onboarding. Consider scheduling regular educational sessions with remote employees explaining how security is particularly important now when they do not have the protections of the office environment.
Education should not only be centered around steps that employees can take to secure home networks or devices. It’s also important to discuss how cybersecurity is the responsibility of everyone in a company, not just IT or management. Some employees, especially those who do not work with sensitive information as part of their jobs, may not be aware that they could be vulnerable to hackers or malicious actors.
Employees may mistakenly give out sensitive information. This is an ongoing struggle for most organizations. In our recent 2021 Cybersecurity Report, 71% of respondents indicated an employee at their organization succumbed to a social engineering attack attempt since the outset of the pandemic.
If you have not done so already, now is the time to develop a remote work cybersecurity policy that is specific to the current situation. Here are some recommendations for what it should address:
Company-issued device usage for non work-related activities
Limitations on what can be accessed from personal devices
Securing home wireless networks
How to notify IT of a possible attack or phishing scheme
A response plan that allows employees to quickly get back to work
Working from home means that employees access information via networks that IT teams have no control over. Common mistakes that could compromise their security include not updating firmware regularly, not encrypting their wifi configuration, and not changing the router login and password from the default. As a cybersecurity best practice, update firmware regularly, encrypt your wifi configuration, and change the router login and password from the default.
For more info on how to secure your home network, check out our post on Best Practices for Home Network Security.
While most office wifi networks are well encrypted and secure, public wifi networks can have a host of security issues. If you must use public or hotel wifi, you should use a VPN to protect and encrypt your connection. Virtual private networks (VPNs) ensure a secure connection between a device and the company network.
As a best practice, your IT department or MSP should choose and mandate a quality VPN; it’s important to keep in mind that not all VPNs are created equal.
While most employees have a work-provided laptop, some will choose to use their own machines for many reasons including convenience or quality. This can be a problem when employees don’t have additional protections on their own devices like antivirus software and firewalls.
Here at Electric, we have keen insight into this: more than half of all customer devices that we onboard do not have the basic security controls that we recommend in place.
As part of onboarding, Electric works with our customers to implement a default set of cybersecurity policies that improve the security posture of our customers’ devices, which consist of automated security patching, full disk encryption, automated screen lock, and enabled firewall. We’ll explore them as their own best practices in further detail below.
Patch management is an item that should be of concern for your organization. As a cybersecurity best practice, quick patching of critical vulnerabilities reduces the risk of security breaches that can be costly to your business.
Consider the simple fact that unpatched devices are more susceptible to cyber attacks. A ServiceNow survey found 57% of cyberattack victims reported that their breaches could have been prevented by installing an available patch.
Automated patching also saves IT professionals the many hours it would take to manually scan devices for outdated versions and then manually push out the latest version themselves. Automation enables patches for multiple vulnerabilities to be applied simultaneously in a controlled manner, which dramatically accelerates the process and eliminates the risk of failure.
Patches can be released between five and twenty times a month. When you consider all of the applications on a given company workstation, getting these patches installed in a timely manner has never been more critical than it is today.
When every hard drive on every device in your organization has Full Disk Encryption (FDE) enabled for data at rest, your company’s entire security posture is stronger. A stolen laptop is no longer an existential security threat. Any sensitive data on the device won’t be accessible to the thief without another vector of attack like stolen credentials.
One example is the Lifespan incident, in which a stolen laptop that was not encrypted and did not have password protection in place led to Rhode Island’s largest health network having 20,000 patients’ information exposed.
Such data breaches can be avoided by enabling FDE on your company devices, a cybersecurity best practice to start doing immediately. Both Apple and Windows have their own native encryption software (FileVault and BitLocker, respectively) that enables encryption out of the box.
Without a group policy tool or similar solution in place at your organization, IT professionals might struggle to remotely enact FDE across an organization’s devices. Here at Electric, we use Jamf Pro and Kaseya for Apple and Windows respectively for device management and the remote implementation of device configurations and security policies.
Another cybersecurity best practice we recommend is automating screen lock. This involves activating a computer’s sleep mode after it has been idle for a specified amount of time and prompting the user to re-enter their password upon returning. This helps ensure devices are not accessible if left unattended.
At Electric, we recommend automating screen lock after 10 minutes of idle time.
As mentioned previously, employee workstations have a lot of valuable and sensitive information on them. Someone leaving a device unlocked while away from their desk leaves all of that sensitive information available to whoever walks past. If they gain access to your computer, they may be able to share, modify, and remove data from your computer.
While this cyber security best practice might seem redundant for those currently working from home where they trust those they live with, it’s still a good policy to enact. Young children who might not know better could still accidentally delete critical information with just a few keystrokes!
Another best practice for cybersecurity that might seem obvious, but is still important to reiterate, is ensuring that all company devices have a firewall enabled. A firewall is a type of software (or hardware device) that protects devices from being attacked over the internet. Firewalls monitor inbound and outbound activity on your network for suspicious activity, blocking items that are considered dangerous based on a set of security rules.
Firewalls prevent unwanted applications from accessing endpoints by controlling connections on a per-app basis. Per-app protection adds a layer of security for vulnerable network ports that must remain open.
A 2019 cybersecurity incident that impacted a US power grid was later found to be caused by unpatched firewalls. The power grid operator eventually discovered that they had failed to apply appropriate patches to the firewalls that were under attack and the mysterious activity only ceased after they deployed the proper patches.
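The four default controls described above (automated patching, full disk encryption, screen lock after 10 minutes of idle time, and an enabled firewall) can be checked against a device inventory. The following is an added example, not Electric's tooling: the record fields, hostnames and the 30-day patch window are assumptions, and the encryption check reads constructed `fdesetup status` and `manage-bde -status` output.

```python
import re
from datetime import date

MAX_IDLE_LOCK_MIN = 10    # the article's recommended idle time before lock
MAX_PATCH_AGE_DAYS = 30   # assumption for illustration; the article sets no window

def fde_on(os_name, status):
    """Read `fdesetup status` (macOS) or `manage-bde -status` (Windows) output."""
    if os_name == "macos":
        return "FileVault is On" in status
    # BitLocker: an encrypted volume with suspended protection reports
    # "Protection Off", so key on the protection line, not the conversion line.
    return re.search(r"Protection Status:\s+Protection On", status) is not None

def failed_controls(dev, today):
    """Return the baseline controls this device record does not meet."""
    failed = []
    stale = (today - dev["last_patched"]).days > MAX_PATCH_AGE_DAYS
    if not dev["auto_patch"] or stale:
        failed.append("patching")
    if not fde_on(dev["os"], dev["fde_status"]):
        failed.append("disk_encryption")
    # 0 or None is treated as "never locks" (assumed inventory convention).
    if not dev["idle_lock_min"] or dev["idle_lock_min"] > MAX_IDLE_LOCK_MIN:
        failed.append("screen_lock")
    if not dev["firewall_on"]:
        failed.append("firewall")
    return failed

def audit(fleet, today):
    """Map hostname -> failed controls, plus the share of non-compliant devices."""
    gaps = {d["host"]: f for d in fleet if (f := failed_controls(d, today))}
    return gaps, (len(gaps) / len(fleet) if fleet else 0.0)

# Constructed inventory records (hypothetical hosts and field names).
BITLOCKER_SUSPENDED = "Conversion Status:    Fully Encrypted\nProtection Status:    Protection Off"
FLEET = [
    {"host": "mac-001", "os": "macos", "last_patched": date(2021, 3, 20), "auto_patch": True,
     "fde_status": "FileVault is On.", "idle_lock_min": 10, "firewall_on": True},
    {"host": "win-014", "os": "windows", "last_patched": date(2021, 1, 5), "auto_patch": False,
     "fde_status": BITLOCKER_SUSPENDED, "idle_lock_min": 15, "firewall_on": True},
    {"host": "mac-007", "os": "macos", "last_patched": date(2021, 3, 25), "auto_patch": True,
     "fde_status": "FileVault is Off.", "idle_lock_min": None, "firewall_on": False},
]

if __name__ == "__main__":
    gaps, share = audit(FLEET, date(2021, 3, 31))
    for host, failed in gaps.items():
        print(f"{host}: missing {', '.join(failed)}")
    print(f"{share:.0%} of devices below baseline")
```

The Windows record shows why the encryption check matters on its own: the volume is fully encrypted, but with protection suspended it still fails the baseline.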
As a cybersecurity best practice, multi-factor authentication (MFA) should always be used so it is harder for hackers to access your sensitive information. With MFA, hackers need an additional factor such as a fingerprint or security code to log in to the system. For example, when users enter their usernames and passwords, a unique code is sent to each user’s smartphone. That code must be entered into the system before access can be granted.
Given that 63% of data breaches can be traced to weak or reused passwords, adding the additional authentication factor of MFA is one way to strengthen security.
A staggering 73% of users opt to duplicate their passwords across their personal and work accounts. There is a clear need to reinforce the importance of using strong, complex passwords, as they are essential in stopping hackers from accessing your company’s sensitive information.
Simple passwords or password sharing can make access easy and be detrimental to your organization. For instance, if a hacker can figure out your password, it could give them access to the company network.
Prior to the pandemic, many cybersecurity tasks were already being done remotely, especially at large corporations that have a mix of satellite offices and a work-from-home workforce. There are also multiple cloud cybersecurity tools that allow IT teams to protect a company’s assets without having to be in a centralized location.
As the world continues to navigate the complexities of a distributed workforce, Electric is here to support your organization. Electric can work closely with you to push security policies and configurations that adhere to industry best practices across your entire company. Our commitment to architecting IT infrastructure security starts at the core of your business. That's why we unify security at the device, application, and network levels.