By Ritesh Chopra, Director, NortonLifeLock India
The COVID-19 pandemic has, almost overnight, forced us to adapt to a whole new working environment. After nearly two months in quarantine, both organizations and employees have come to terms with working remotely or working from home. While we may have converted a part of our home into a workplace, it is important to remember that we are now using our home network to connect to global servers and downloading more data it normally expects. How, then, can we ensure that our devices and our networks are more secure? It has been observed that, while consumers today are more aware than before of cybercrimes, data breaches, and online threats such as phishing, the measures they adopt for cybersecurity may often not be adequate. With remote working likely to become a more common feature of corporate work culture in the lockdown period, we need to be better prepared to ward off cyber threats.
We have already seen security breaches happen with consumers downloading various new apps every day. We even witnessed the emergence of new threats like hacking into video conference apps. Cybercriminals are even taking new approaches to old tactics by exploiting the COVID-19 situation to send phishing emails with dangerous links that are disguised to be from government agencies, employers and even the World Health Organization. For instance, there might be an email message, which appears to be from your company officials, that asks you to open a link to a new company policy pertaining to COVID-19. However, clicking on the attachment or the embedded link might download malware onto the device. Such fraudulent emails and text messages (or even WhatsApp messages) are being increasingly used to trick consumers into opening malicious links that can not only corrupt their device but also hack into their personal data.
The most recent NortonLifeLock Cyber Security Insights Report (NLCSIR) revealed that four of every ten Indians surveyed had become victims of identity theft in the year 2019. The risks in 2020 will be far greater, given the heightened dependence on digital tools and platforms. Users are consuming more apps than before for purposes ranging from online dating to ecommerce and banking transactions. Children are spending more time online for education and entertainment. An increase in online time increases the risk of exposure to cyber threats. There is a greater need than ever to protect one’s data and identity in the online world. However, the aforesaid report suggests that while Indian consumers are indeed concerned about the misuse of personal information, they are happy to share it if they get something in return.
Data breaches are a significant risk whether intentional or not. Even a well-intentioned employee could accidentally compromise sensitive company information by clicking on a malicious link on their smartphone. It is therefore advisable to always follow certain basic but important best practices in cybersecurity — being cautious when engaging in online activities; abiding by company rules; and reaching out for help when you encounter something suspicious.
It is a good idea to change device and account passwords regularly and to make sure you’re not reusing passwords. Keep the passwords complex by using uncommon and unpredictable combinations of alphabets, numbers, and special characters. It is also recommended for both organizations and individuals to use a VPN to secure the network and ensure privacy of online activities. VPNs help prevent cybercriminals and snoops from seeing what you do online. Your work might involve sending or receiving financial information, strategy documents, and customer data. A VPN helps keep all such information secure from cybercriminals and competitors.
However, it is important to remember that not all VPN platforms are secure. An unscrupulous VPN provider can easily eavesdrop on your online conversations and sell sensitive and personal data on the dark web. An unsecure VPN service can potentially cause a lot more damage than no VPN at all. So, use a VPN only if trust your provider as much as you trust yourself. You need to be sure that the provider isn’t sniffing around or modifying your traffic; that the VPN isn’t logging everything; and that it is using reliable protocols and strong encryption.
With “working from home” becoming the new norm, we must remember that employees are the front line of their organization’s information security. Most organizations have robust cybersecurity policies but cyberattacks can still occur despite these precautions. We need to understand that being cyber-safe is a shared responsibility that begins with every individual.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines