As telecommuting becomes more widespread and tends to become the norm since the beginning of the health crisis, leading to a digital transformation of companies and administrations, exposure to the risks of cybercrime is increasing. 3 best practices can help reduce these risks and strengthen cybersecurity. Let's take a closer look.
Cybersecurity: the importance of corporate communication
For many companies, the procedures implemented in a face-to-face working environment are no longer applicable since the start of the Covid-19 pandemic and the rise of teleworking.
The computers provided to employees, when they are not working on their own equipment, do not always allow for the application of the security controls that used to apply within companies. Indeed, the systems used are often old, and cyber-risk protection tools have sometimes been hastily deployed to respond to emergencies.
It is therefore essential for companies to educate and communicate with their employees about cyber risks, using all available media. A cyber attack can have far-reaching consequences, leading to considerable financial losses, either directly or indirectly. If customers' personal data is divulged, they will undoubtedly be quick to turn to a company considered more secure.
The more teams are aware of these risks, the more likely they are to adopt best practices to strengthen cybersecurity.
The benefits of simulating cyberattacks
Any information provided to employees, however comprehensive, remains theoretical. Simulated cyberattacks have several advantages: they raise awareness of the potential seriousness of a real cyberattack, and put both IT systems and employee reactions to the test.
For example, simulating a phishing attack by sending a fake e-mail to all the teams has the advantage of knowing very precisely the percentage of employees who clicked on the link. Another option is to demonstrate how a hacking attack can be carried out, by asking the teams in charge of cybersecurity to take control of all the company's means of communication.
For these simulated cyberattacks to bear fruit, they must then be the subject of an audit report communicated to all employees.
Draw up a list of best practices
Once teams have been briefed and exposed to cyber risk through simulation, they need to know how to react in the event of a threat, and what practices to adopt to reduce risk.
This list of best practices needs to be widely communicated, and a procedure set up and made accessible.
Among the simple practices that can be adopted to strengthen a company's cybersecurity are the need for employees to choose different passwords from those used for personal purposes, containing a minimum of 12 characters with upper and lower case letters, numbers and special characters.
It's also important to ensure that all computers used for teleworking are protected by anti-virus and firewall software, and that VPNs are used systematically. Other measures, such as automatic session locking and hard disk encryption, are also essential.