As the Coronavirus spreads, the IT infrastructure of businesses, governments, and educational establishments has come under increasing pressure.
Many of your SMB customers are currently putting new measures into place such as working remotely, and shifting in-person meetings and classes to online/virtually delivered courses. This puts existing infrastructure under additional pressure, as well as creates exposure to more security risks.
All of this extends to each of our channel partners and business customers. By having to adapt to new working arrangements, many businesses, as well as their IT infrastructures, will be put through a rigorous test, especially from a security standpoint. We want to reassure you that we are here to help not only by delivering security to your customers but also by providing you with the technical and product support that you need to be effective at your job, as well as share with you our best practices on how to manage virtual (remote) teams while maintaining same productivity and making sure that your customers’ security is not compromised.
Your safety and security, as well as that of your SMB customers, is of the utmost importance to us, and we will work tirelessly to help you stay safe, informed, and have the support you need to manage increased workloads with reduced resources.
With our channel and business community in mind, let’s look at a few facts and highlight areas to keep in mind and precautions to take.
More remote workers, new security implications for SMBs and IT Service Providers
To minimize in-person contact and reduce the spread of COVID-19, companies are either mandating or recommending remote work options.
The reality is, some SMBs may not be as prepared as others with the right infrastructure and tools to safely enable remote work. And as COVID-19 ramps up, the volume of remote workers will grow.
Keep your SMB Customers Informed on the New Attacks as COVID-19 Challenges Rise.
COVID-19 phishing and web scams are also on the rise, taking advantage of anxious workers and reminding us of the importance of safe computing. From health advice to workplace policies, the scams offer COVID-19 updates or request urgent action for safety, all focused on triggering clicks on malicious links and attachments.
COVID-19 phishing scams: One phishing campaign delivers ‘important information’ from World Health Organization representatives, providing an attached file. The file has GuLoader malware loaded and ready to infect systems.
Malicious Coronavirus online map: A fake website is offering a realistic-looking map of COVID-19 outbreaks around the globe. Yet, the website hosting this map is actually a weaponized map app that infects victims with a variant of the information-stealing AZORult malware.
How to Keep SMB Customers and Employees Protected, from any Location
To keep network connections and web browsing secure and private from any location, implementing fundamental security measures for you and your customers is crucial:
Be sure that all remote workers are using pre-approved equipment, including laptops and smartphones. These devices should have business-grade security solutions installed on them.
Inform remote workers of the hardware, software, and services they can utilize that are not company issued, but could help to connect and share files with colleagues.
Enforce two-factor authentication wherever possible to add an extra layer of protection to accounts.
Check that everyone has installed all relevant operating system updates.
Ensure that endpoints and networks have the latest versions of all security software, regardless of the vendor installed.
Make sure remote workers are connecting to the business network via VPN
Arm remote workers with a list of phone numbers, so they can reach out for help if needed with any IT issues.
There is little doubt that the number of remote workers is going to increase. All of this puts new pressures on IT and presents security implications. Without advanced security controls in place for remote access, connecting to the company network from new locations can create vulnerabilities. Remote workers must have the ability to safely connect to company networks, and securely access files and data — all without risk of web and email threats, or network disruptions.
Keeping calm may not be easy when your customers suddenly shift to work remotely, and you’re the IT support desk.
Anticipating user needs will help you manage the resources and time needed to respond. Being proactive can help you not only stay ahead of needs and prepare strategies, but also demonstrate your value to your customers.
Take a deep breath. We’re all aware of the impact of stress to health. Remember to stay calm and tackle one crisis at a time.
Check in with your customers. For MSPs and IT service providers, ensure your customers are safe. As busy and stressful as the situation may become, make the time to check in and offer your support. A quick hello to say you care goes a long way, whether or not support is needed.
Prioritize needs, triage the emergencies. Consider the customers or employees who may have higher priority needs, and sensitive security considerations. Or the ones who may require support to work virtually. Then triage the bigger needs with available resources.
Cover the basics. Customers may be in different stages of providing flexible work options. Not all employees are comfortable with logging in from home. From VPNs and firewalls, to password manager tools, putting in basic measures is a first step toward a defense.
Double down on security best practices. There is no time to waste when it comes to promoting best security practices. Be sure to refresh passwords, use multi-factor authentication, and resist the temptation to click on unfamiliar COVID-19 emails, text messages, or websites.
At Avast, we care not only about the health of your business and customers, but about you as well. We encourage you to reach out to our team or your account managers, with any questions or needs. As always, we appreciate your dedication and support.