Keeping Your Network Safe from Accidental Infection

One of the lessons of 2020 is that you can’t take things for granted.

Among the most painful things that we’ve temporarily lost is the ability to trust those closest to us.  It’s not that friends, family and co-workers want to hurt us – they don’t even know that they can.  Most COVID transmissions happen while the infected person feels completely normal.  So if staffing isn’t managed in a way that factors in this risk, one unwitting employee can quarantine an entire office – and in some types of businesses (including ours) this could be devastating.

Unfortunately, this exact same situation applies to business IT networks.  Your employees don’t have to know they’re enabling a cybercriminal to steal or encrypt your data in order for it to happen.  And while we’ll hopefully be able to leave COVID-era workplace policies behind us at some point during this coming year, the same can’t be said about your network policies.

Here are three ways employees can unwittingly infect your office with malware:

Employees use their phones to connect to the production network.

There’s nothing wrong with providing employees, clients and guests with Guest WiFi when they’re at your office.  But that WiFi should be partitioned from the production network that enables you to get things done. If the phone is compromised, and it has a straight path to your network, the phone could very well leave some bad things behind on the way out of your office.

Employees transfer data between work and home PCs with flash drives.

USB flash drives are one of the easiest ways to transfer data.  No passwords, 2FA or syncing.  Just pop the flash drive in the USB port and take it out the door. But there are several reasons allowing flash drives to move data between work and home PCs is not a good security policy.  Among them: the designers of malware know that USB drives are used to move files from one PC to another, and many of them program their malware to attempt to hitch a ride every time a USB drive is inserted into a computer.  It’s very possible that one of your employees will bring one of these ride-along programs into your corporate network.  By the time you realize it, the damage will have been done.

Accidental Infection

Unfortunately, this is not what an infected flash drive typically looks like.

 

 

Instead, use a file sync and share product like Dropbox or Onedrive. This will do a much better job of preventing any malware from riding along with the intended files and jumping onto your network.

Employees use corporate VPN software on home PCs.

While there are safe ways to connect to a work PC using a home PC, a VPN is not one of them.  There’s no way to know exactly what is (or isn’t) on a person’s home PC.  Many employees also share their home PC with other users.  However it happened, If a home PC has been compromised, a VPN connection into your network allows the outsider to move around on your network as well.  Most home PCs are simply not secured enough to take this risk.

 

If employees are using their home PCs to initiate a VPN connection to your network, you should talk with your IT team about safer ways to allow remote work. For some employees, it may make sense to provide a work laptop with VPN software installed, which they can use to log on to the network remotely. For others, a Remote Desktop service (including Microsoft’s own Remote Desktop Connection) may be the answer.

Cyberthreats have increased substantially in 2020, and there are more threats floating around the internet than ever before.  Especially with so many forced policy changes happening in recent months, it’s a great time to take a look at your data policies and make sure they’re setting you up for success, not problems.

To learn how WingSwept’s suite of cybersecurity services can keep your business safer, call us at 919-460-7011 or visit https://www.wingswept.com/managed-services/cyber-security/.