The sudden shutdown of many offices resulting from the declaration of states of emergency following the outbreak of COVID-19 in Canada meant an entire workforce was suddenly working from home. While we live in an era where most businesses are prepared and equipped for their employees to work remotely, many were left scrambling to continue "business as usual".
"Cybersecurity", "computer security", and "information technology security" are all terms used to describe the protection of computer systems and networks from the theft or damage of hardware, software, data, and misdirection of services. Cybersecurity is a primary concern when working from home.
Some cybersecurity threats include:
- unsecured home wifi networks;
- sensitive data being shared across wider networks, some of which are not secure;
- using personal devices or networks that may not comply with corporate standards, may not have up to date security software, or may be accessed by others in the home;
- heavy reliance on group communication tools, some of which may not be secure; and
- scams targeting remote workers.
On July 28, 2020, the Canadian Centre for Cyber Security (the "Cyber Centre") issued an alert to IT professionals and managers regarding several compromises of computer networks in Canada and specifically of remote access services. The Cyber Centre reports that, in each case, access was gained because two-factor identification (or "2FA") was not enabled and/or because software running on an exposed server did not have the latest version installed.
In order to ensure the inherent risks associated with working remotely from home are addressed, the following steps need to be taken: