Employees are the weakest link in any corporate security system. Anyone whose job it is to protect information systems can confirm: No matter how advanced a security technology is, a careless or clueless employee can always stumble into a way to put the infrastructure at risk. If you recently switched your employees to home-working mode (as almost half of humanity has at present), the scope for error is now an order of magnitude greater.<\/p>\n
When people work in the office, protection systems and IT staff are there to take part of the burden. It\u2019s no guarantee of perfect safety, of course, but at least the company\u2019s antivirus solution will block phishing sites, and the infosec team can spot anomalies in traffic from an infected machine. IT promptly installs updates to patch the latest vulnerabilities<\/a>.<\/p>\n Employees switched to home-working mode now have to handle all of those things, and more. Here\u2019s where security awareness begins to play a far more significant role.<\/p>\n What devices do your employees use to work from home? An office laptop in compliance with corporate policies? Great, but it\u2019s still not enough. That laptop is now connected to an unfamiliar home network. What other devices are connected to the router? What kind of router is it? How strong is its password, and who configured the device \u2014 and how? If the employee is using a personal home computer instead of a corporate one, you don\u2019t know who else has access to it, what security solution is installed, or whether anyone bothers to update the operating system.<\/p>\n We are not suggesting that everyone has to become a sysadmin guru overnight, but the ability to identify threats and weak points would be a major plus for all. This would stop people connecting to corporate databases directly if the company has made a VPN available, installing fake \u201cflash player updates,\u201d and letting outside \u201cexperts\u201d play around with the settings.<\/p>\n What data do your employees use in their daily work? Do they know what confidential information actually means, and what data is a corporate secret? In a perfect world, they\u2019d have learned this on day one, back in the office. However, it\u2019s one thing for an employee to work with a list of EU clients on an isolated office subnet, but something else entirely to access such files from home.<\/p>\n After all, when working remotely, the ability to use an unmonitored, unofficial collaboration tool<\/a> can be all too tempting. Everyone needs to be quite clear about what data can be sent over unofficial channels, and what must never leave the network under any circumstances.<\/p>\n Both remote workers and IT experts alike need to understand that the current pandemic is a boon for cybercriminals. We have seen waves of COVID-19 phishing, both mass<\/a> efforts and those targeting specific industries<\/a>. Some crooks try to pull off BEC attacks<\/a>, hoping their messages will slip through in the surging flows of telecommuting correspondence. Our security technologies have detected corporate infrastructures subjected to constant scans from the outside in search of open RDP ports. That\u2019s reason enough to double down on vigilance.<\/p>\n Start by conveying the idea to employees that they are now far more responsible for information security than ever before. That may seem obvious to you, but it simply doesn\u2019t cross many people\u2019s minds. Next, raise their level of security awareness. Sure, there are no face-to-face cybersecurity sessions at present, but our distance-learning programs more than compensate for that. And we are constantly updating and improving them.<\/p>\n The easiest way to set up remote cybersecurity training is with our Kaspersky Automated Security Awareness<\/a> platform. It not only keeps employees informed about the latest threats, but also teaches them how to resist those threats. What\u2019s more, the manager has control over the process and can set up the training program remotely. The lessons were created by specialists in the field of education and psychology, who made the material both catchy and memorable.<\/p>\n Just recently, our experts added two training modules on the hot topics of confidential data and GDPR. The first is for employees who work with personal data, commercial secrets, or internal documents. The second is for companies whose clients or employees include EU citizens.<\/p>\n\n \u00a0<\/p>\n In addition, our training experts, together with Area9 Lyceum<\/a>, have created a complimentary module that consists of two major parts. The first teaches participants how to organize a secure working-from-home environment. The second is not about information security at all, but how to minimize the risk of contracting COVID-19. The module is available here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Did you have a chance to train your employees in the basics of information security before sending them off to work from home? <\/p>\n","protected":false},"author":700,"featured_media":34973,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[2507,3679,2013,522,3735,3727,1795],"class_list":{"0":"post-34972","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-awareness","10":"tag-coronavirus","11":"tag-gdpr","12":"tag-products-2","13":"tag-remote-work","14":"tag-telecommuting","15":"tag-training"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/awareness-telecommuting\/34972\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/awareness-telecommuting\/20664\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/awareness-telecommuting\/16481\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/awareness-telecommuting\/8124\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/awareness-telecommuting\/21538\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/awareness-telecommuting\/19789\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/awareness-telecommuting\/18486\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/awareness-telecommuting\/22491\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/awareness-telecommuting\/21412\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/awareness-telecommuting\/28180\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/awareness-telecommuting\/8135\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/awareness-telecommuting\/14685\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/awareness-telecommuting\/15047\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/awareness-telecommuting\/13518\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/awareness-telecommuting\/23751\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/awareness-telecommuting\/25324\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/awareness-telecommuting\/22103\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/awareness-telecommuting\/27374\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/awareness-telecommuting\/27212\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/remote-work\/","name":"remote work"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/34972","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=34972"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/34972\/revisions"}],"predecessor-version":[{"id":35561,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/34972\/revisions\/35561"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/34973"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=34972"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=34972"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=34972"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Being one\u2019s own IT administrator<\/h2>\n
Being one\u2019s own data protection officer<\/h2>\n
Being one\u2019s own cybersecurity specialist<\/h2>\n
How to train employees in this environment<\/h2>\n