Kaspersky Offers Free, Online Working-from-Home Security Guidelines

Kaspersky has introduced a new, free online module providing working-from-home security guidelines to ensure remote workers don’t endanger their businesses.

With more companies now switching to working from home due to the COVID-19 pandemic, Kaspersky has collaborated with Area9 Lyceum to offer the remote security guidelines module. It will educate customers on COVID-19 and maintaining a secure working-from-home environment.

Kasperky’s Elena Molchanova

Elena Molchanova is head of security awareness marketing at Kaspersky. She said the shift to remote work is many employees’ first experience of working from home.

“As this change was rather unexpected, some companies were not able to provide a training on security basics of remote working,” she said. “As such, employees may not know how to securely configure home Wi-Fi, install required updates or protect their own devices used for work, etc., as these were previously a duty of [the] IT department. In addition, they may not have a usual and convenient way to contact their IT department, for example, in case they receive a suspicious mail. So these employees may find themselves unprepared for new cybersecurity challenges.”

The module includes two parts. The first examines what COVID-19 is and how users should behave in order to minimize their chances of becoming infected. The second part discusses cyber safety and how users can protect their workplace from cybercriminals while working from home.

The modules take no longer than 30 minutes to complete and use an adaptive training approach so that they are personal, engaging and ensure skills retention.

“The lesson is free and everybody can share the link to the online training with his or her colleagues,” Molchanova said. “MSSPs play an important role in security training for their customers’ employees, and we are delighted that our partners are sharing this special course during the pandemic lockdown.”

Also Friday, the 2019 Global Encryption Trends Study by nCipher Security and the Ponemon Institute found 54% of business leaders consider their employees to be the biggest security threat. Hackers ranked third at 29%.

Employee mistakes continue to be the most significant threat to sensitive data, more than external hackers and malicious insiders combined. In contrast, the least significant threats include government eavesdropping and lawful data requests.

The main driver for encryption is protection of an enterprise’s intellectual property and the personal information of customers — both 54% of respondents.

With more data to encrypt and close to two-thirds of respondents deploying six or more separate products to encrypt it, policy enforcement was selected as the most important feature for encryption solutions. In previous years, performance consistently ranked as the most important feature.

Cloud data protection requirements continue to drive encryption use, with encryption across both public and private cloud use cases growing over 2018 levels, and organizations prioritizing solutions that operate across both enterprise and cloud environments.

John Grimm is nCipher’s senior director of strategy and business development. While people who normally work from home may already be vigilant about security concerns, those new to it may not be, he said.

“The vulnerability and risks grow with employees who don’t have a good work-from-home setup and need to rapidly deploy a set of tools to work remotely,” he said. “This creates a place for sensitive data to flow. With all of the mobile tools being used, there has been an increased spread of sensitive data, and this rapid enablement of remote work is causing a new set of potential exposures for sensitive data.”

Security that relies on just a password or a simple two-factor authentication like a one-time password is inadequate for a home Wi-Fi network, Grimm said.

“We can expect hackers to exploit this work-from-home surge, and it’s critical to secure and protect the digital identities of remote workers – making high-assurance, credential-based authentication a must,” he said.