Safety and Cybersecurity First

Safety and Cybersecurity First: Three Steps to Ensure Employee Safety during a Pandemic

History is proof enough that pandemics can have—and have had—devastating effects throughout the world. Having spread to more than 100 countries, infected over 140,000 people, and resulted in over 5,400 deaths, today’s new coronavirus, COVID-19, has become the latest iteration, now declared a global pandemic as of March 14th, 2020.  COVID-19 symptoms include fever, cough, and shortness of breath, and complications may result in more severe illness and even death, especially for older or vulnerable individuals (e.g. those with respiratory issues or chronic sicknesses).

Unfortunately, COVID’s spread continues and these infected numbers are only projected to keep climbing. However, unlike our forefathers who faced epidemics such as the Black Plague, modern education, technology, and medicine are helping many countries take preemptive measures to delay exponentially increasing outbreaks until the world can discover a vaccine or the pandemic blows over.

Taking proactive measures and staying informed is actually good advice for everyone, as working together in this will mitigate the virus’ spread and help save lives. Still, the rapid, easy spread and varying mortality rate of the virus present unique challenges for organizations seeking to protect themselves, employees, clients, and the general public. To help, governments and corporate leaders have issued various steps we can take to prepare for and brace against the pandemic virus.

1. Enforce the practice of excellent individual hygiene.

In and out of the office, these everyday preventive measures must include:

  • Avoid touching your face—especially your eyes, nose, and mouth—with unwashed hands.

  • Wash your hands often and thoroughly for at least 20 seconds with soap and water.

  • If soap and water aren’t available, use hand sanitizer that contains at least 60% alcohol and rub along all surfaces of your hands until they’re dry.

  • Cover your nose and mouth when you cough or sneeze with a tissue, or cough/sneeze into the crook of your arm.

  • Stay home and keep away from colleagues and others as much as possible when sick. If contact is necessary, wear a facemask when around other people so as to not spread infection.

  • Clean and disinfect all touched surfaces daily—doorknobs, tables, desks, light switches, handles, phones, keyboards, faucets, etc. According to scientists, COVID-19 can live up to three days on stainless steel, glass, and plastic—this includes your cell-phone and computer. 

2. Embrace social distancing (and, if you can, opt for remote work). 

Employee wellbeing must be top-of-mind, and social distancing is a solid precaution because it mitigates the risk of healthy individuals coming into contact with those who are sick and vice versa. Social distancing includes:

  • Avoiding shaking hands or any other physical contact;

  • Reducing the frequency, proximity, and duration of contact with others;

  • Limiting or banning non-essential work travel;

  • Opting for emails instead of meetings; and

  • Scheduling meetings by videoconferencing.

Many companies have already translated “social distancing” into a work-from-home policy, though in the IT world, this preventative practice may be more easily and effectively implemented than in other industries. When opting for a temporary remote work policy, all organizations should consider:

  • Which positions are feasible for remote work?

  • What technology can be provided to allow employees to telecommute?

  • What guidelines or tools must be set forth for timekeeping/recording work hours?

  • What security measures must be enacted to counter cybersecurity concerns?

3. Stay safe online when working from home.

"while working remotely can be a respite in some respects, don’t get too comfortable"

While working from home is an excellent solution to keep that “social distance,” it comes with its own set of challenges, including the very concerning issue of cybersecurity. Experts warn that hackers and scammers are specifically targeting employees working from home, who often are ignorant or negligent of the danger. Working from home—or, especially, in a public location out of the office—often means working via an unsecured Wi-Fi network. It also means the possibility of working on personal devices that typically lack the fierce firewalls, antivirus software, and automatic backup tools that have been diligently downloaded and customized for the business’s in-office network. So while working remotely can be a respite in some respects, don’t get too comfortable. Protecting yourself is essential and doable as long as you’re armed with the right knowledge and tools. Though some employers may already have protocols in place, for those who don’t, here are some simple yet effective cybersecurity tips for safely working remotely:

  • Use strong passwords and set up two-factor authentication. Obviously, everyone should always use passwords that are unique for every account with a variety of characters that include letters, numbers, and special characters. But a strong password isn’t enough. Two-factor authorization—adding a password + email/text message confirmation, fingerprint scan, USB fob, etc.—provides an essential extra layer of protection.

  • Secure your home router and lock your device when you’re not using it. Change your router password and don’t share it with people outside of your home. Password-locking your device will usually be enough to encrypt its contents until the password is entered.

  • Use a VPN and encrypted communications. VPN isn’t just for location spoofing. It encrypts your internet traffic, making it unreadable to anyone who intercepts it. If the company doesn’t already have encrypted communication services in place, many mainstream services (e.g. Signal, WhatsApp) offer end-to-end encryption.

  • Set up firewalls and use credible antivirus software. These two lines of defense are critical—a firewall stops some threats, and good antivirus software can often detect and block the threats that slip through.

  • Impose additional credentialing for downloading sensitive data or opening sensitive files.

  • Install regular updates and perform regular back-ups of your data. It’s exactly what it sounds like. Updates include new solutions for evolving vulnerabilities, making your device safer, and backing up your info—whether on hardware or in the cloud—enables you to recover in case malware, physical damage, or human error wipes out your system.

  • Beware of phishing emails, sites, and work-from-home scams. A pandemic can be uncharted territory for most people, and criminals are waiting around the corner to cash in on the chaos. Watch out for scams that target gig economy workers, including anything from fraudulent “freelance” sites to Ponzi schemes. If you’re looking for freelance work, make sure to use reputable sites.

  • Immediately inform your employer if you become aware of a possible security breach. Employers must be aware of the increase of such risks under these circumstances and should ensure that a response team is on stand-by.

"The bottom line is: don’t panic, and do prepare"

The bottom line is: don’t panic, and do prepare. The best policy for remaining safe, in all aspects—physically from the virus, and digitally from cybersecurity risks—is to be proactive and invest time in taking calm and effective measures. Despite the greater uncertainty, the new circumstances brought on by pandemics such as the COVID-19 outbreak are a valuable opportunity to prepare ourselves and our people for a different way of working, communicating, and staying protected. Thankfully, modern tools and technology give us a much better chance to ride out the disruption in ways not available during previous periods in history—during this time, we must all work together with the advantages we have to simultaneously maximize safety and productivity as we wait for the scales of societal life to tip back towards normal.

About the Author

Avani Desai

Avani Desai is the President at Schellman. Avani has more than 15 years of experience in IT attestation, risk management, compliance and privacy. Avani’s primary focus is on emerging healthcare issues and privacy concerns for organizations. Named as one of the 2017 Global Leaders in Consulting by Consulting Magazine she has also been featured and published in the ISSA Journal, ITSP Magazine, ISACA Journal, Information Security Buzz, Healthcare Tech Outlook, and many more. Avani also sits on the board of Catalist, a not for profit that empowers women by supporting the creation, development and expansion of collective giving through informed grantmaking. In addition, she is co-chair of 100 Women Strong, a female only venture philanthropic fund to solve problems related to women and children in the community.

Follow on Linkedin Visit Website More Content by Avani Desai
Previous Article
Panicked About CMMC? Don't be!
Panicked About CMMC? Don't be!

The Cybersecurity Maturity Model Certification (CMMC) has been a hot topic in the federal and defense contr...

Next Article
Locking up the 'internet of things'
Locking up the 'internet of things'

A wide range of internet of things connected devices are now required to include reasonable and appropriate...






Now Providing C5 Examinations

Learn about C5