By Troy Richardson, South-West Texas Border SBDC Network –

Coronavirus disease 19 (COVID-19) is a respiratory illness that can spread from person to person. COVID-19 originated in China and has been declared a global pandemic by the World Health Organization. As countries, states, and communities take preventive measures to reduce the spread of COVID-19, more businesses are allowing their employees to work remotely. It’s important to understand how this situation may affect your cyber security hygiene.

KEY POINTS

As with most significant global events, cyber criminals will leverage the event against potential targets to advance or achieve a malicious goal. This is most often carried out through phishing attacks. The cyber criminals send emails claiming to be from organizations that a recipient might expect to hear from, considering the current event. For example, with the COVID-19 disease, the emails may appear to come from a government health organization such as the CDC or other health care authorities. Users should be aware of this tactic and utilize good cyber security hygiene to include:

o Understand a government organization will never ask for your personal information in an email!

o Check the email address of the sender; don’t rely on the name that is displayed, and inspect the elements of the email address, especially the domain information (after the @ sign).

o Inspect any web links before clicking on them, by hovering over the URL with your mouse cursor to see where it directs to.

o As with any possible phishing email, watch for grammatical and spelling mistakes, and delete any emails that appear suspicious.

o Also, avoid emails that utilize generic greetings or are trying to instill a sense of urgency for you to act.

o Don’t open any attachments from ANYONE unless you are expecting the attachment!

Businesses should review, and where needed, update their Business Continuity of Operations Plans, to include backing up critical business data (local and off-site) and testing those backups to ensure you can recover using the backups.

If you or your employees are able to work remotely, take the following into consideration:

o Ensure that your business has a current cyber security policy that includes remote working.

o Utilize a trusted VPN utility to connect to work resources when on any network outside the business.

o Plan for non-business owned devices to connect to your organization or process business information.

o Identify, test and utilize a collaboration tool that can be used among coworkers while working remotely.

o Don’t store sensitive business information in an insecure environment (home office, external unencrypted hard drive, open laptop, a public folder residing in the cloud, etc.)

o Identify who will provide IT support to remote workers and how to contact that IT support resource.

_____________________________

About the Author: Troy Richardson is a Business Development Specialist at the South-West Texas Border SBDC Network