Tag: cybersecurity

How to Be Cyber Smart this Cybersecurity Awareness Month – Ping Podcast – Episode 57

Episode 57: How to Be Cyber Smart this Cybersecurity Awareness Month

Be Cyber Smart (or more technically #becybersmart) is the ongoing theme of Cybersecurity Awareness Month (which happens to take place in October). But how does one go about getting smart when it comes to cybersecurity? National Cyber Security Alliance (NCSA) Interim Executive Director Lisa Plaggemier joins us to offer tips and resources for individuals and businesses. Her two top tips are strong passwords and multifactor authentication (MFA). Lisa also tells us about the origins of Cybersecurity Awareness Month, why security is more important now than ever before, challenges in the cyber career field, and more.

Learn more about Cybersecurity Awareness Month and get helpful resources year-round at StaySafeOnline.org.

In headlines, hear about a cybersecurity awareness survey of EU businesses. And then, ransomware story number one focuses on Sinclair Broadcast Group. Finally, we’re horrified to learn about a ransomware attack on a candy maker – just before Halloween!

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Survey Says: Remote Work Security Ain’t Easy – Ping Podcast – Episode 54

Episode 54: Survey Says: Remote Work Security Ain’t Easy

The remote work boom began because of the challenge of the pandemic. And now 18 months-plus into it, employers, work from home employees, and IT staff are still figuring some things out – especially related to remote work security. On this episode of Ping, A Firewalls.com Podcast, we discuss HP Wolf’s Rebellions & Rejections report, which outlines cybersecurity attitudes and actions of both remote workers and those who make it happen. Let’s just say there’s plenty of frustration to go around. But there are some solutions, too!

In headlines, hear about cyber grave robbers who took advantage of the Surfside condo collapse. And then, we discuss a heavy hitting DDoS attack in Russia. Next, the new National Cyber Director talks about his role. And finally, in a bonus 4th headline, we learn about an Apple patch to stop a zero-click IOS vulnerability.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Public-Private Partnership on Cyber Security Policy – Ping Podcast – Episode 53

Episode 53: Public-Private Partnership on Cyber Security Policy

We projected some cyber security policy directions under President Biden at the beginning of 2021. But with all that’s happened since, it’s time to take stock of where things are now. For that, we welcome NextGov’s Mariam Baksh to take us through recent cybersecurity initiatives from the White House and Congress. Mariam outlines the use of public-private partnership to improve security, and whether some recent announcements constitute real progress or just talk. She also discusses the revisiting of the NIST framework, how the cyber insurance industry is involved, and recommendations from the Cyberspace Solarium Commission.

Read Mariam’s work at NextGov.

In headlines, we update the T-Mobile data breach story. And then, we discuss Apple’s relationship to privacy and how money plays a role. Finally, we learn about the latest ransomware cell to call it quits and why this keeps happening.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Chaos and Friends: The One With Malware – Ping Podcast – Episode 52

Episode 52: Chaos and Friends: The One With Malware

A new malware variant may soon throw the threat landscape into chaos. Threatpost Senior Editor Tara Seals joins us on a new Ping Podcast to discuss the emergence of Chaos malware. What is it? What will it do? And why should you be worried? Listen to find out. Plus, Tara tells us why the recent Friends reunion special on HBO Max led to a spike in online fraud.

Read more about Chaos.

In headlines, we discuss a case of SIM swapping that’s led to guilty pleas. And then, we learn about a T-Mobile data breach affecting millions. Finally, we discuss a new survey on passwords that doesn’t look so good.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Cyber Job Training & Matchmaking, Plus Another Ransomware Roundup – Ping Podcast – Episode 47

Episode 47: Cyber Job Training & Matchmaking, Plus Another Ransomware Roundup

Employers across the U.S. – and around the world for that matter – are struggling to fill cybersecurity jobs, and our home state of Indiana is no exception. To talk about the shortage, as well as cyber job training opportunities for students and career changers, we welcome Dr. Marc Rogers, Purdue University professor & executive director of the Purdue Cyber Apprenticeship Program. He discusses the newly launched Cyber Seek Indiana website, which serves as a matchmaker for cybersecurity careers, from jobseekers to employers. Dr. Rogers also details the Cyber Apprenticeship Program, which gives participants real-world experience in cybersecurity as part of their training. And finally, he gives us a brief state of the cyber threat landscape as it stands now.

In headlines, we do a sort of ransomware roundup, as there are so many ransomware stories out there today. First, hear about the FBI recovering more than half the ransom from the Colonial Pipeline hack. Then, we touch on the JBS meats ransomware attack, the idea of triple extortion, and a couple additional ransomware impacts. And finally, learn what cybersecurity debt means and why it’s not helping stop all these attacks.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Cyber Crime as Terrorism, Plus Ransomware Updates – Ping Podcast – Episode 46

Episode 46: Cyber Crime as Terrorism, Plus Ransomware Updates

In a special double interview edition of the podcast, we start by examining the idea of cyber crime as terrorism. Emma Schroeder & Trey Herr with the Atlantic Council’s Cyber Statecraft Initiative argue that many still do cybersecurity wrong. Why? In part, because they don’t meet cyber threats on their terms. Hear how they say cyber crime should be viewed and some tips for government entities in particular to better defend – including a Hunger Games idea. For more information, check out Emma & Trey’s op-ed.

For our second interview segment, we welcome cybersecurity writer and former IT pro Lance Whitney to help us tackle headlines, starting with a couple of high-profile ransomware issues. First, he updates us on the status of the DarkSide group following the Colonial Pipeline attack. Then, Lance details an FBI warning to healthcare providers to be on the lookout for Conti ransomware in particular. And finally, we discuss another threat targeted at consumers, called vishing – that’s voice phishing – and how hackers are using Amazon in this scheme. Find more from Lance at TechRepublic.

Oh, and check out our new podcast art above!

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Passwords: The Good, The Bad, & The Ugly – Ping Podcast – Episode 43

Episode 43: Passwords: The Good, The Bad, & The Ugly

Keeping track of all your passwords can be tough. But if you make remembering them too easy, you’re probably making your passwords too easy for hackers to crack. On the latest Ping Podcast, we discuss a British study that shows a majority of UK residents veer toward obvious passwords. We talk about why they’re obvious, and how to do passwords right to not only make them possible to keep track of, but to stay secure as well.

In another special segment, we take on a cybersecurity quiz that stumped the majority of those who’ve taken it. We go through the seemingly not too difficult questions and how people did on each one. Play along yourself to see how you’d do, and learn why simply checking the cybersecurity training box wasn’t enough to educate these test-takers.

In headlines, it’s two breaches and a warning. First, we talk about a Facebook (please don’t call it a) breach. And then, we hear from Federal Reserve Chairman Jerome Powell on his cyber concerns. And finally, we discuss a breach of ParkMobile that exposed license plate numbers and other personal info.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Safe Harbor and More Cybersecurity Laws – Ping Podcast – Episode 42

Episode 42: Safe Harbor and More Cybersecurity Laws

With recent attacks/breaches like SolarWinds and Microsoft Exchange, cybersecurity is an ever increasing priority. But beyond avoiding attack – which is a pretty big incentive – what other incentives do businesses have to invest in cybersecurity? Cynthia Brumfield, cybersecurity analyst, writer, and creator of the Metacurity newsletter, joins us to discuss safe harbor laws on the docket in a growing number of states. These laws would offer businesses liability protection if they take reasonable cybersecurity measures. We also talk data protection regulations at the state level, and hear about what the federal government is doing to prioritize cybersecurity as well.

Check out Cynthia’s article on Safe Harbor Laws at CSOOnline and subscribe to Metacurity to catch up on the latest cybersecurity news.

In headlines, it’s a ransomware trifecta. First, we talk about a cyber insurance company under attack by a potentially familiar foe. And then, we go inside a ransomware attack on British fashion retailer FatFace and get a look at the ransom negotiations. And finally, we hear about a ransomware cell hanging it up, and offering refunds, too!

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Super Bowl – and CyberSecurity – Trivia – Ping Podcast – Episode 38

Episode 38: Super Bowl – and CyberSecurity – Trivia

We celebrate Super Bowl week and our favorite subject of cybersecurity all in one package on this Ping Podcast episode. Kevin drops a special edition of Super Bowl Trivia that weaves network security themes into questions about Tom Brady, the Kansas City Chiefs, the NFL Draft, and more! See how Andrew Harmon does and play along to see if you can do better!

Ransomware Reckoning is back with Andrew Neita explaining how lucrative ransomware was last year. Plus, he shares a rather dire outlook for the year ahead.

In headlines, hear how Emotet got busted. And then, learn about two new business email compromise (BEC) variants on Microsoft 365. Finally, we can’t go a full episode without the SolarWinds breach. This time, hear how it’s causing US courts to switch to paper.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Unto the Breach: Cyber Policy Under Biden – Ping Podcast – Episode 37

Episode 37: Unto the Breach: Cyber Policy Under Biden

With President Biden taking office amid a still developing federal breach, cyber policy will likely be a top priority. Washington D.C.-based policy analyst Caitlin Chin joins us to provide the latest background on the SolarWinds supply chain attack. Then, she tells us where cybersecurity likely ranks on the Biden Administration’s priority list. In addition, we talk data privacy, Section 230, and net neutrality regulations and the likelihood of whether and how they’ll be addressed by both the President and Congress.

Take a look at a few of Caitlin’s articles for more information:

After the SolarWinds hack, the Biden Administration must address Russian cybersecurity threats

What to expect from a Biden FCC on Section 230, net neutrality, and 5G

How the 2020 elections will shape the federal privacy debate

The U.S. privacy landscape post GDPR

In headlines, we learn of a coalition to stop ransomware. And then, hear how cybersecurity pros think AI will take their jobs. Finally, we discuss how President Biden’s Peloton could be a national security risk.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Black Friday Becomes Cyber November 2020 – Ping Podcast – Episode 33

Episode 33: Black Friday Becomes Cyber November 2020

Holiday shopping deals are already coming from all directions. That’s because Black Friday is no longer just one day of deals, it’s turned into Cyber November. On the latest Ping Podcast, Kevin and Andrew welcome Dan Lohrmann, who explains why online retailers are spreading out the sales in 2020. Hint: As with just about everything else this year, it relates to COVID-19. Dan also offers tips to new and seasoned online shoppers alike to avoid common pitfalls. On top of that, we get into some election 2020 cybersecurity talk. And finally, we wonder whether the new normal in 2020 is permanent.

Read Dan’s blog for more on this unusual Black Friday holiday shopping season.

Our Ransomware Reckoning segment tells a somewhat positive story of Japanese video game maker Capcom’s response to an attack.

In headlines, hear why tax pros need to take cybersecurity seriously. Following that, we talk about the costs for breaches in the financial sector. Finally, if this year’s terrestrial issues aren’t enough for you, learn why you should worry about cybersecurity in space!

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Hospitals & Healthcare Under Attack – Ping Podcast – Episode 32

Episode 32: Hospitals & Healthcare Under Attack

Federal agencies came together with an unprecedented warning for hospitals & healthcare providers: ransomware attacks are coming. But what can these organizations do to protect themselves? Why are they so vulnerable to attack? And why are successful cyber attacks against healthcare facilities so devastating? For answers to those questions and more, we welcome SonicWall’s Barbara Vibbert, an expert in healthcare IT and network security in general. Barbara outlines cyber threats specific to hospitals and offers solutions that they – and we – can implement to protect them. Plus, find out why ransomware cells targeting healthcare are like Dillinger targeting banks.

Get some healthcare cybersecurity tips from Barbara’s latest blog.

In headlines, hear why Marriott is paying up in the U.K. for a breach that affected Starwood hotels. And then, we stay in Great Britain to get a glimpse at the volume of email threats the BBC receives. Finally, hear which cybersecurity skills are in most demand next year and for years to come as we look at the U.S. job market.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Cybersecurity Awareness Month & Halloween Costume Ideas – Ping Podcast – Episode 31

Episode 31: Cybersecurity Awareness Month & Halloween Costume Ideas

We know October is a month-long celebration of Halloween, but did you know it’s also National Cybersecurity Awareness Month? Well we’re here to make you aware. Kevin & Andrew welcome James Stanley with the Cybersecurity & Infrastructure Security Agency (CISA) to discuss the month and why it’s important to take personal responsibility for your security. On top of that, Stanley offers telework tips for remote workers, IT pros, and executives.

Learn more about National Cybersecurity Awareness Month: https://www.cisa.gov/national-cyber-security-awareness-month

See CISA’s Telework resources, including toolkits and more: https://www.cisa.gov/telework

Then it’s onto Ransomware Reckoning. On this edition, Andrew N. shares a scary story of hackers targeting schools.

In headlines, hear about a breach affecting Robinhood investors. And then, learn why cyber resilience is just as important as cybersecurity. Finally, hear why U.K. residents were less than thrilled about a cyber recruiting campaign.

But wait, there’s more! We didn’t forget about the Halloween part of October. So we decided to do some network security costume shopping before calling it a day. Hear about what we found.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

5 Things to Consider to Secure Your Telework Employees

Telework Cybersecurity

With the rapidly evolving circumstances surrounding the COVID-19 pandemic, workplaces around the world have been faced with a difficult challenge – quickly deploying a remote workforce. While some have been prepared for telework all along, others are scrambling to ensure employees can access their networks quickly, without compromising security. The unfortunate truth of our current situation is that while many are banding together to protect those most vulnerable to the coronavirus, there are those who see this more scattered user-base as a golden opportunity for cyber attack.

It’s important to remember that just because you’re not in the office, it doesn’t mean hackers are taking a holiday. In fact, remote work is their bread and butter. And they stand at the ready to exploit the vulnerabilities teleworking can bring.

With that in mind, what can you do to plug those holes? How do you keep both your network and your work-from-homers secure? Here are 5 things to consider…

1 – It Starts With a Policy

Both you and your staff benefit from knowing what to expect from remote work. Putting a telework policy in writing and ensuring everyone in your organization is aware of it is an important step for consistency and therefore security. Hopefully you already had one, but if not, it still pays to put one together and make it clear to all employees.

What should it include? Acceptable use, personal vs company devices, personal vs company accounts, how to connect, whether public wi-fi is allowed, etc. A couple of statistics should reinforce the need for a strong telework policy: nearly half of employees say they transfer files between work and personal computers; almost 15% say they can’t connect to their work network from home, and more than three quarters say they don’t take privacy measures when teleworking in a public setting.

2 – Protect Your Endpoints

Each device an employee uses to access your data is an added security risk. Remote laptops, tablets, smartphones, etc. are not constantly protected by your firewall. But you need to ensure they have a level of protection against malware, email scams, and other data breaches, so attackers can’t use them as a tunnel back into your network. That’s why a strong endpoint security solution is vital for all your telework users. The best options also provide added visibility into their status for admins. Protecting each device individually makes protecting your network as a whole much easier.

3 – Build a Tunnel

To work from home effectively, your employees need to have use of all the apps and files they normally have at the office. How do you facilitate that quickly and securely? You need to offer virtual private network – better known as VPN – access.

A VPN sets up a secure tunnel between your telework employees and your network, protecting their and your data from any spying or prying eyes. This encrypted tunnel (using either IPSec or SSL) can even help when employees use public networks. In case you missed it, we outlined SonicWall’s VPN options in a recent post.

4 – Make Sure Passwords Have a Passing Grade

An all too common problem with an all too easy solution in the cybersecurity world is weak passwords. Ensure your telework employees (and everything on your network) uses strong passwords of length, with numeric and special characters, and phrases if supported. This keeps brute force attacks at bay, which typically just fire thousands of common words at a login screen until one works.

And take it a step further with multi-factor authentication. For employees to access your network remotely, require an additional step, such as an authentication code texted or emailed to provide added security. Some types of multi-factor authentication even include options like geotracking.

5 – Training Is Vital

You’ve likely already heard that the most common reason for a breach is human error. Whether it’s in the form of a misconfiguration or because an employee clicked a malicious link, the human element puts your network at risk. And just as cybersecurity training is vital in the office, it’s extremely important for telework.

So safety using the aforementioned public wi-fi should come up, as well as reminders about what to look for in social engineering scams. Online attackers’ new favorite? Coronavirus-related malware in the form of emails, and even phony maps to steal personal data from anyone who visits to try and keep up with the virus’ spread.

You’ll also want to be sure your work-from-homers are sticking to VPN-only when it comes to work files. Too often, the easy way may be to send sensitive data as an unencrypted email attachment, but that risks exposing it to bad actors. Teach them to keep it encrypted, even if it takes a little bit longer. And even though social distancing may keep you from conducting this training in person, there are plenty of videoconferencing options to help.