Millions of Americans are working from home, either temporarily or permanently. A substantial portion of them is expected to keep working from home, even after the COVID-19 begins to fade. Meantime, a lot of workers who were forced home by the pandemic are well into their second, six-month stint of working from makeshift workstations.
It’s a good time for a cybersecurity checkup for home-based workers and their employers.
Jake VanDewater provided a good review list Sept. 30 during the Greater Sioux Falls Chamber of Commerce's third annual Sioux Falls Cybersecurity Conference. VanDewater, who was among the presenters at the virtual event, is the vice president of engineering, operations and IT at SDN Communications in Sioux Falls.
Here are some of the suggestions for remote workers that VanDewater suggested to conference participants:
- Talk to your internet service provider. Make sure your computer speed is adequate and can handle the number of people using the system. Adjust your service level, if needed.
- Check the gateway to your home network – the router or firewall. Make sure it provides enough security for the type of data that is being transmitted. Encrypting the data might be necessary.
- Use strong passwords to access security equipment and keep software updated.
A number of computer-related precautions are also in order:
- If you’re dealing with sensitive information, use a Virtual Private Network (VPN) to connect back to your office.
- Use your work computer for work purposes only and lock it when it’s not in use.
- Apply software updates in a timely fashion, and back up files offline to protect against data loss.
Several other regional experts also spoke at the conference and offered security suggestions for businesses. Among them was Anders Erickson, cybersecurity principal for Eide Bailly Technology; he’s based in Boise, Idaho. Erickson identified 10 areas that businesses should evaluate to measure the effectiveness of their security preparedness:
- Align cyber risk to business risk.
- Establish a cybersecurity steering committee.
- Understand your security risks and gaps.
- Create an incident response team.
- Document information security policies.
- Manage third-party vendor risks.
- Conduct an independent audit of security risks.
- Understand cyber liability insurance.
- Classify critical and sensitive data.
- Provide ongoing security training for employees.
Erickson suggested that businesses rank themselves in each category on a scale of 0-5, with 5 being the best score. Any score under 4 indicates attention is warranted.
Several other speakers also provided suggestions and insights into relevant topics. For example, Mario Paez offered insight from the perspective of the insurance industry. He is the director of cyber and technology errors and omissions insurance for Marsh & McLennan Agency, LLC in Minneapolis.
“Cybersecurity is not just an IT issue. It is an entrepreneurial risk that impacts many key stakeholders in your organization,” Paez said.
Speakers from two federal agencies brought attention to good sources of information. Government websites with potentially valuable information for businesses include cisa.gov. That’s the website for the Cybersecurity & Infrastructure Security Agency, which is part of the Department of Homeland Security.
The Federal Trade Commission’s website, ftc.gov, also has a lot of potentially valuable cybersecurity information for businesses.
Samantha Gordon, with the Midwest Regional Office of the FTC, urged businesses to maintain good cybersecurity systems.
“Don’t scrimp,” she said. “This is an area you can suffer real harm.”
Security Tools For Your Business
It wasn’t a topic that either VanDewater or company CEO Mark Shlanta mentioned during presentations at the conference, but SDN offers several security-related services to businesses in the region. Under managed service contracts, for example, SDN provides companies equipment such as firewalls and routers, and keeps the equipment updated and running effectively. Other security-related services SDN offers include protection to monitor and mitigate Distributed Denial of Service (DDoS) attacks.
SDN is a regional, business-to-business company that operates largely behind the scenes in providing broadband connectivity and related services. The company’s key market sectors, as noted by VanDewater, are health care, emergency services, financial services, cellular services, agriculture, manufacturing, state government, and education.
SDN is a leader in providing business internet, private networking and cloud connectivity to businesses and organizations in communities such as Sioux Falls, Rapid City, Worthington, and the surrounding areas.