Cybersecurity vital during lockdown

With many businesses suddenly forced to rely on the internet to operate during the national lockdown, it is now more crucial than ever for web users to correctly understand the extent of their security vulnerabilities to implement the right protective measures against cyber attacks, Vox Telecoms CEO Jacques du Toit warns.

As SA attempts to combat the spread of Covid-19 by implementing the lockdown, for some businesses this means employees depend on their home internet connectivity which poses a potential threat to companies’ security if not assessed.

To be on the safe side, Du Toit advised, internet users had to communicate with their service providers to get a good understanding of what internet use required.

“Users need to have a good understanding of what they require the internet for — is for entertainment or work?

“The second thing I am most worried about is that the average person working from home does not have the correct understanding about the security measures it requires, because there are often multiple devices connected to home Wi-Fi for different reasons, especially now that kids are also home all day.

 “Each time you connect a new device to you home Wi-Fi you introduce a potential vulnerability because you have kids sitting on their tablets all day downloading or playing games online while the parents are working and also downloading movies to watch,” Du Toit said.

Cyber crime had different approaches and different, advanced measures of protection were important to protect company and personal data from being used against users, he said.

“There are multiple levels of security,” Du Toit said.

“We have endpoint security which protects the router to ensure that there is no ports that [cyber criminals] can come in to steal information or infect your network, and there is mail security where attackers send e-mails that look like they are from someone you know, but it’s not and the minute you open a file not knowing where it comes from it locks your PC up until you’ve paid someone,” he said.

Bradley Du Chenne, CEO  of online comparison website Hippo.co.za, encouraged employers to take charge of their security and educate employees about cyber security risks to protect confidential information.

“If businesses take their data security seriously and empower their employees to protect all information carefully by only using approved software and tools, they should go a long way to protecting themselves against a data breach,” Du Chenne said.

Du Chenne suggested these precautions:

• With the widespread use of online platforms to facilitate the ease of remote work, make employees aware of the types of information they need to safeguard and how best to do this.
  
  
• With a proliferation of video conferencing services, such as Zoom and Microsoft Teams, make sure employees only use secure services where the risk of hackers accessing data is reduced.
  
  
• Always download software updates for business devices such as tablets, phone and PC as soon as they become available. These often contain patches for newly discovered security vulnerabilities.
  
  
• Make sure all business electronic devices are equipped with spyware and malware protection, including PCs, tablets and cellphones. Never use any other devices to access business profiles, internet banking or any websites where business or personal credit card details are required.
  
  
• Businesses should prohibit the sharing of work electronic devices. When employees use their work devices at home, no third party should be using or have access to these devices. This reduces the risk of access to protected company information.
  
  
• Ensure you password-protect all company devices. If these are stolen or lost, it offers a level of protection against unauthorised people gaining access to the stored information.
  
  
• As remote working becomes necessary, employees may be tempted to connect to free Wi-Fi networks nearby. As many of these networks are not secure, this can lead to significant security risks.
  
  
• Virtual Private Networks (VPNs) assist in encrypting internet traffic; this is more often implemented when employees are connected to a public Wi-Fi network. If your company has one in place, make sure employees exclusively use the VPN when working and when accessing company information systems remotely.