5 Ways to Protect Your Network from Cyber Risks as Employees Return to Work
Many businesses are welcoming remote employees back to the workplace as stay-at-home restrictions ease. But after months of working at home, employees could be returning to the office with laptops and other devices infected with dormant malware that could put company networks at risk.
Without a dedicated IT staff to keep routers patched and secure, home networks are typically considerably less secure than corporate networks. Cyber criminals may exploit this lack of security by accessing an employee’s device while it is connected to their home network and then lying in wait. When the employee returns to the office and connects the device to the corporate network, these cyber criminals can then access the corporate network, escalate privileges, deploy ransomware and compromise business operations.
“As soon as that laptop is put back on the corporate network, the scope of potential damage that can be caused, together with the size of the ransom that can be demanded, increases dramatically,” said Ken Morrison, Director of Cyber Risk Control at Travelers. Beyond awareness, organizations should also implement best practices to reduce cyber risks when employees return to the office.
“For example, Endpoint Detection and Response (EDR) solutions can help provide greater capabilities than traditional antivirus software,” Morrison said. “An EDR solution can detect and remediate security incidents as they occur, before the rest of the network is exposed to unnecessary risk.”
5 Steps to Help Prevent Cyber Risks from Returning Remote Workers
These five steps can help prevent cyber criminals from invading your network.
Step 1: Update Network Devices and Controls
If your business was operating remotely or at a reduced capacity, you may have shut down components of your on-site network or left them unattended until resuming normal operations. As a result, critical network devices may have missed routine updates and essential security patches, weakening your business’s defenses against cyber crime. Before bringing employees back to the office, make sure all firewalls, servers and other network components are up to date and properly secured.
Step 2: Double-Check Backups
Ransomware is a fast-growing malware threat that can infect an entire network and potentially cripple a business by locking up computer data for days, weeks or even months until a ransom is paid. While most ransomware attacks fail, the ones that succeed are becoming increasingly vicious. Follow these steps to help protect your business from the effects of a ransomware attack:
- Make frequent, comprehensive backups of important files, including data, proprietary software and critical services, such as Active Directory.
- Store your backups offline in a segregated location from the working network to help ensure they don’t fall prey to hackers.
- Test your backup and recovery capabilities to be sure that the backups will be available when needed.
Step 3: Sanitize All Work-From-Home Devices
Reintroducing laptops and other work-from-home devices to the corporate network presents a significant risk to your network’s security. Before allowing employees to connect directly to the network, take these measures to assess the health of the devices they have been using:
- Scan all devices for malware and clean as required.
- Make sure that all software is patched, and that operating systems and software versions are current.
- Check for apps and software that employees may have installed without your knowledge or consent. Remove those that are unauthorized and present a security risk.
Step 4: Upgrade Your Cyber Defenses
Many businesses remain at an increased risk for cyber crime because they continue to rely on traditional antivirus solutions. Antivirus software works by identifying the signatures of known malware. New strains, which are constantly emerging, may go undetected as a result.
If your business relies on antivirus software to protect your IT infrastructure, you could benefit by upgrading to an Endpoint Detection and Response (EDR) solution. An EDR solution monitors all endpoints within a network, from desktops and laptops to phones, servers and printers, searching for behavior that may indicate malicious activity.
As a benefit to current cyber policyholders, Travelers offers 60-day access to SentinelOne™, an EDR platform, at no additional cost, that includes the ability to roll back an attack after it has started. Policyholders who choose to continue this service will also receive a discounted subscription after the trial ends.
Step 5: Have a Cyber Incident Plan
Cybersecurity events happen, both in times of crisis and under normal operating conditions. An incident response plan can help you respond proactively to minimize the effects of an attack. If you don’t have a plan in place, take the time now to develop a plan tailored to the unique risks your business faces. If you already have a plan, it is a good practice to revisit the plan periodically to capture any new practices that will improve your response in the future.
Even with the best of planning, businesses may fall victim to costly cyber attacks. Discover how cyber insurance from Travelers can help protect your company before, during and after a cyber event. Talk to your Travelers representative or find an independent agent today to learn more about protection from today’s cyber risks.