Canadian HR Reporter is the national journal of human resource management. It features the latest workplace news, HR best practices, employment law commentary and tools and tips for employers to get the most out of their workforce.
Issue link: https://digital.hrreporter.com/i/1247505
www.hrreporter.com 9 switched between personal and company laptops depending on convenience. This is concerning as most private laptops are not equipped with proper security software, says Markuson. "Hackers can trick an employee into clicking on a phishing email. That would give them access to the employee's computer and all accounts and systems it is connected to. One careless click or connection to unsecured WiFi can cause troubles no organization wants to face. Online security has never been more important." HR, IT must partner to get workers up to speed For HR departments, now is the time to work hand in hand with the IT security team, says Lapointe, to secure company PCs for remote workers and com- municate with employees. "Of course, the security departments are the experts in that field, but HR brings all the information to the different employees. All sec urity departments are pretty busy because there's a very significant rise in the scams — probably around 40 per cent — so HR should send all the information to all the employees on how to stay secure," she says. since January. That's about five per cent [that] may be malicious. So people want to buy masks, those kinds of things and they get hacked. Instead of being more protected, they get a virus and all kinds of different things that are malicious, so that's the problem," she says. "The hackers, they know that right now. Everybody's working from home and they're not always concentrating because they have their kids at home or their parents; there's always something going on. It's not the same thing as being in an office. By being distracted, they could click on links that they shouldn't be doing," she says. As is usually the case, even in a corporate in-office situation, the employee is usually the weakest link in the company firewall. "Ninety per cent of corporate data breaches in the cloud happen due to hacker attacks that target employees. When working from home, people tend to be more relaxed and browse personal sites, which might not be secure," says Markuson. A recent survey by his company found that 62 per cent of people are now using personal computers or other devices to work from home. More than two in five (42 per cent) claimed to use personal devices exclusively, while 20 per cent That communication from HR to employees must be ongoing to be most effective, says Markuson. "There must be frequent updates on the most significant risks and newly occ urring sec urity vulnerabilities. Every employee working from home needs to be well informed about what kind of tools to use and how to safely access an organization's systems and cloud-based databases." Awareness and security training must be done through "easy-to-understand, easy- to-consume, lightweight training," says Baiati, and it should include new policies that take into consideration remote work. For employees working at home, the best advice is not to trust any content without first verifying it's authentic, according to Lapointe. "I would tell them to be a lot more suspicious than they are usually. Beware of curiosity: Stop opening emails that you don't know, don't click on links or messages that, a lot of time… will try to make you give the information quickly. If it seems that it's too good to be true or there is an urgency in the email, verify who's sending it. If it's a scam using somebody else's name, verify with that person. Never send confidential information in an email or any other "Hackers are preying on people's fears, spreading disinformation and monetizing panic." Daniel Markuson, NordVPN means, because the government, the Red Cross, the World Health Organization, they never ask that from you." Home networks should also have increased security, says Markuson. "The bare minimum is to password- protect your router if you haven't already. Moreover, setting up a guest network and installing a VPN on your router are genuinely recommended." And IT professionals should "make sure that you have the latest endpoint protection on your devices from leveraging both signature-based and non- signature-based malware because now it's about hardening the device more so but also making sure that there's a balance between usability and security, which is the common insight," says Baiati. CHRR