With Vaccines being rolled out and a light appearing at the end of the tunnel, many small businesses are anticipating a return to normal operations. While we are not completely out of the woods yet, it is understandable that many small business owners are thinking about how they will fully reopen once this pandemic ends.
Even with all the optimism, businesses must remain vigilant. As COVID fatigue continues to loom over all of us, we should all be careful not to drop our guard. Your COVID security best practices must be maintained until the very end of this pandemic. Some practices may even become permanent fixtures within your business.
As you have adapted to what this past year has thrown your way, do not let complacency introduce more problems into your work life. Here are three things you can do to keep your business safe as the pandemic’s end draws closer.
Control access to physical site
Your workplace may have a blend of on-site and remote workers, especially now. Depending on your industry, some operations cannot be done remotely. If you have a mixed staff, make sure you have some control over who is accessing your office.
Avoid having a simple open-door policy that can leave your data vulnerable to both internal and external threats. Businesses with poor visitor control have struggled with this security issue even before the pandemic.
It is best to have someone who can record and control access to the building to avoid snooping and data theft. Ensure that
- offices are locked when not in use
- documents are filed away properly
- access to documents (both physical and digital) is properly restricted
- after-hours visits are restricted
People tend to focus so much on the digital aspects of cyber security, that they risk overlooking physical vulnerabilities around them. Something as simple as a post-it note with a password can provide an access point to your data.
Ideally, these practices should remain in place even after this pandemic. Visitor control is essential to the security of your business.
Encourage a wind-down period
We have all felt the end-of-day rush at some point in our lives. We may scramble to meet an appointment. We may be eager to get as much out of a Friday as we can. Whatever the reason, rushing to close out our workday can lead us to making careless decisions.
A rushed employee is more likely to carelessly download a malicious attachment or share sensitive data with an unverified requestor. When under pressure, we can be tempted to cut corners in the name of expedience.
Those who are still working in offices face added vulnerabilities. If an employee forgets to print an important document, they may be tempted to call into the office and request a co-worker log into their computer to save themselves an extra trip in. This means sharing login credentials and allowing someone else uncontrolled access to their device. If that employee fails to log out entirely, then they do not even need to share their credentials for others to have access to their computer.
Having a sufficient daily period for employees to properly “close out” their day will minimize the end-of-day rush and reduce your business’s chances of a security breach.
Encourage your employees to wind down their workday as it comes to a close. They should ensure that they are not forgetting any tasks that can not wait until the next workday and are properly logging off their devices and securing their physical documents.
Revisit the fundamentals
As always, make sure you are brushing up on the fundamentals of remote cyber security. Add cyber security reminders to your company-wide communication updates and host periodic cybersecurity webinars.
Ensure your employees are being mindful of security fundamentals like
- verifying before sharing sensitive data,
- using a VPN to connect to your network,
- separating home and office devices, and
- protecting against phishing attacks.