As many employees continue to work from home and access private or sensitive company or government agency data remotely, there is inherently a higher risk for a cyber security breach. If you haven’t already taken a hard look at your cyber security risks and implemented ways to reduce the likelihood or severity of a data breach, there’s no time like the present. Here, we spoke with Andrew Egenes, co-founder and head of product at Layr, a modern, tech-enabled insurance agency, for his sage advice on what to do to protect data as employees work from home.
A Professional Cyber Security Risk Assessment
“Cyber security risk assessments should ideally be completed by an experienced cybersecurity consultant or third-party,” says Egenes. “Bringing in an outside expert not only provides a fresh set of eyes on a company’s existing security practices and protocols but also knowledge around current threats and trends and actionable tactics for combatting them. Companies also need to treat the results of a security audit seriously assuming that it’s not a matter of if a vulnerability will be exploited rather when each vulnerability will be exploited, and how damaging the exploitation will be.”
3 Easy Ways to Reduce the Risk of a Data Breach
Egenes offers the following advice regarding a few easy and cost-effective ways for companies to reduce the likelihood or severity of data breach when employees are working from home:
- Multi-factor authentication should be mandated anytime it’s available. It’s an extremely effective first line of defense should an employee’s credentials ever be compromised.
- Additionally, adopting the principle of least privilege (PoLP), where users are only granted the minimum level of access required to carry out their work is widely recognized as a best practice.
- As a last line of defense, companies should consider purchasing cyber liability and data breach insurance, which will respond should a breach occur. This newer form of business insurance is widely available, relatively inexpensive and makes the likelihood of a company surviving a data breach much higher.
Consider Cyber Security Education and Protocol
Whether or not remote working is here to stay or will dissipate in the future, cyber security is not going anywhere. Educate yourself and your team, and work towards a secure operation to avoid a cyber attack or data breach.