COVID-19 increasingly is becoming a cybersecurity threat, as just last week the federal government released an alert encouraging organizations to adopt a heightened state of cybersecurity when considering alternate workplace options.

Between unsecured employee personal devices and increased collaboration app usage, attackers are using COVID-19 as their way in via malicious campaigns ranging from email phishing to malware, and ransomware to spoofed website domains. And while large enterprises may have strong security strategies in place to deal with these attacks, many SMBs and midsize companies struggle with the cost of protecting their business online.

Kevin Lancaster, Kaseya‘s general manager of security solutions, tells us it’s critical for organizations to develop security awareness programs that educate employees on phishing scams, ways to avoid unintentional downloads of malware, and the security policies of the company in order to build organic internal security measures.

Kaseya’s Kevin Lancaster

“The loss for a dentist’s office being down for one hour today is the equivalent of an entire brokerage firm’s loss 10 years ago — its that dramatic,” he said.

Employees must have an appropriate level of awareness regarding IT security and understand their individual responsibilities when it comes to securing the infrastructure of the organization, Lancaster said. Many security breaches that involve internal actors are the result of negligent behavior on the part of employees, not malicious activity, he said.

“Despite your best efforts, there may come a time when your company falls prey to an attack,” he said. “And when that happens, it’s important for IT professionals to draw an incident response plan that enables employees to strategically evaluate the aspects of the business that could be at risk and mitigate damage after a breach.”

Lancaster suggests five ways small businesses can improve their security:

Also this week, ScanSource has released a new resource guide for partners aimed to help them navigate through all of the COVID-19 information. The guide provides an overview of the new legislation – Families First Coronavirus Response Act (FFCRA) – as well as insight on small business loan programs, stimulus programs, travel restrictions, insurance regulations, COVID-19 Q&As for HR and operations teams, and general tips for working remotely.

John Eldh, ScanSource’s chief revenue officer, tells us his partners, like most people, are being inundated with news, updates on state and federal actions, travel guidelines and many other COVID-19 things that are taking their time away from growing their business and focusing on their people.

ScanSource’s John Eldh

“We wanted to provide a quick reference with the best information we have received that would help them understand how some of these changes may impact them, while also providing what we believe are best practices on working from home, precautions to take during this challenging time, and guidelines to consider when handling sensitive situations,” he said. “Our hope is that by having this information in one place, our partners can quickly turn to the guide for insight. Our goal is to continue to update the guide as the situation evolves for our partners.”

ScanSource is talking with its partners every day to better understand what their challenges are — not just …

… on the sales side, Eldh said.

“We are constantly learning of new programs, best practices and legislation, and understand that they may have an impact on our partners, many of them small-to-medium businesses,” he said. “We wanted to consolidate this information and share it with our partners in an easily digestible format.”

In addition, Atera, a developer of an IT automation platform that combines remote monitoring and management (RMM), professional services automation (PSA) and remote access, announced that it has created a new system to deploy a remote workforce amid the pandemic.

Through an integration with Splashtop’s software into Atera’s platform, MSPs and IT professionals can set up remote workforces for their clients from anywhere, enabling secure remote access for employees working from home.

Atera’s Gil Pekelman

Gil Pekelman, Atera’s CEO, tells us MSPs are working “very hard” to enable remote work for their customers since many people are in quarantine or prefer to work from home to keep themselves safe.

“This is where the new remote connect feature came into play,” he said. “It allows MSPs to easily enable remote work for their customers, and also allows MSPs to control who can connect to which workstation. Enabling this solution can be done completely remotely, so even if the MSP is in quarantine they can still continue to work, and the activation takes only a few minutes.”

The remote connect feature is used in conjunction with a two-factor authentication (2FA) security code to maintain maximum security.

“We applaud Atera for swiftly integrating our work-from-home solutions into their platform so partners can get their clients up and running as a remote workforce,” Mark Lee, Splashtop’s CEO. “Our technology allows employees to work remotely and access their computers, and through Atera’s platform, partners can now easily access the solutions from anywhere.”

Also this week, net2phone, the global provider of cloud communications solutions to businesses, announced that Microsoft Teams users who sign up for net2phone’s fully integrated Global Calling Plan for Teams will receive their first 90 days of service at no cost — including unlimited calling to the United States, Canada and more than 40 international destinations.

“Reaction to the COVID-19 pandemic is accelerating adoption of Microsoft Teams and other platforms that facilitate collaboration across the enterprise for a dispersed workforce,” said Jonah Fink, net2phone’s president. “Businesses must have reliable, untethered and boundary-less communications and collaboration to compete.”

This offer is available to Microsoft Teams users in the United States, Canada, Brazil, Mexico, Argentina, Colombia, Spain and Hong Kong.

Also, Authoriti, a provider of fraud protection, is making its permission code-based vendor payments fraud protection service available at no cost to state and local governments effective immediately. The service protects against business email compromise (BEC) in which fraudsters hack into insecure communications and redirect legitimate vendor payments into their own accounts and/or submit phony invoices.

“Local government agencies need to do whatever is necessary to protect their constituents during times of crisis,” said Michael Cutlip, Authoriti’s president and CEO. “Unfortunately, bad actors will try to take advantage of the chaos and distractions. Authoriti’s service directly addresses that threat.”