This post is also available in: Español (Spanish)
Contxto – As everyone is settling into their home office routines, there’s an overlooked danger surrounding our computers.
While keeping our eyes peeled for viral infections outside, have you recently stopped to consider how a bug, virus, or other malware may affect your business’ operations, network, and even put your users’ data at risk?
With the advantage that is working at home, comes the very real danger of experiencing a data leak. Needless to say, that places a customer’s well being at stake. Plus, the business is exposed to potential lawsuits, loss of reputation and derailing of operations.
To learn more about how startups and founders can better protect themselves, I jumped on the phone with Christian Torres, Co-founder/CEO of Kriptos an Ecuadorian startup that helps companies better protect themselves through data classification and artificial intelligence.
Two threats from home
Torres stated that the coronavirus pandemic has led to two potential sources of risk.
The first is related to faulty links, attachments, and websites that claim to have solutions and real information regarding the disease. Moreover with the reign of “fake news” unsuspecting users may fall victim to these claims and choose to access this content.
According to cybersecurity company ESET, there were around 2,500 malware infections in a single day due to coronavirus-themed emails.
As a result, panic and misinformation can open the door to malware entering a device.
But given that everyone is at a distance, it’s tougher for them to report what’s happened. And that’s assuming a member of your team notices something is amiss, as Torres rightly pointed out, “on average, a business will realize there’s been a data breach six months after it’s actually taken place.”
Meaning, if you’ve downloaded a virus, your computer won’t cue the flashing lights and sound off the alarm. Chances are you’ll only realize something’s up once you try to locate certain data and find out it’s no longer there, it’s been altered, or someone else notifies you.
The second potential risk comes directly from working at home, where it’s likely staff isn’t operating over a virtual private network (VPN) but rather using their WiFi internet. Plus, unattended laptops and computers can prove to be a source for games or pranks from other members of the household.
How to approach the problem
As businesses shift towards cloud-based solutions to store their information, it’s much easier to access data. That allows teams to keep running from afar.
So that’s the good news.
The bad news is this also means that users and staff can more easily access sensitive information since everything is connected.
For example, a customer service rep probably shouldn’t be able to tap into the accounting department’s books. However you can’t simply block everything, otherwise nobody would be able to do their job.
As a result, Torres emphasizes that companies classify their information based on their level of value. Uber-sensitive data needs a bigger defense to be accessed. And that’s where data loss prevention (DLP) software comes in.
Your startup’s admin can use this software to place barriers in systems where you store information on common cloud solutions like Google or Office, for example. However, there are multiple types and degrees of DLP sophistication.
And depending on whichever you choose to use, an admin can be notified if someone is trying to open a restricted file, limit editing documents, block the printing of documents, etc.
If worse comes to worst, and you suspect there’s been a data breach, here a few things to keep in mind.
Kriptos’ CEO recommends you isolate the potentially infected devices ASAP. That way you contain the spread of the malware on your system. Also, evaluate whether your users need to be notified based on the information that’s been leaked.
I would also add raising awareness and talking to your teams about these risks. Emphasize the importance of handling this information responsibly at home, just as they do at the office.
It’s bad enough there’s an awful virus outside cooping us up at home.
Let’s not make matters worse by letting digital viruses affect one of your most valuable assets: data.
Related articles: Tech and startups from Ecuador!