Start-ups and VSE threatened: 63% of French people have little or no knowledge of security measures in telework
While many small businesses are still reluctant to provide their staff with professional mobile devices to work from home, in France, less than one in three (27%) have ever received instructions from their employer on safety precautions. take in order to work from personal devices. And this, even as the number of commercial data now circulating outside the perimeter of the company has greatly increased. Kaspersky’s latest study highlights the importance for small businesses of having a clear strategy for protecting and raising awareness of employee safety.
Working from your personal computer has become a necessity for some small organizations during the coronavirus pandemic. However, before the health crisis pushed the world to confine itself, this practice was already widely known, and tolerated, by certain organizations. This allows employers to save on IT equipment and allows employees to work more flexibly from home. However, in addition to thinking about business benefits, companies must also think about protecting equipment against cyber risks so that business and customer data remain confidential and secure. This protection will also allow employees to work more efficiently, without being slowed down by ransomware or other malware infections.
During the pandemic, within the VSEs / SMEs questioned in France, half of the employees (51%) did not receive computers or professional tablets from their employer, as the recent Kaspersky study shows. In 40% of cases, all sizes of businesses combined, employees were asked to use their personal devices to continue their professional activity at home. Although this is the only option for some organizations to consider continuing their activity, less than a third of French VSE / SME staff (27%) indicate that they have been informed of the IT security measures to be implemented to work in completely safe.
These measures may include, for example, the remote installation of an anti-malware solution by the user or the company, the use of strong and unique passwords on WiFi devices and routers, or even the Regular updating of operating systems (OS) to reduce the risk associated with uncorrected vulnerabilities.
The implementation of these first security principles has recently become all the more necessary since 22% of the employees questioned in France admitted to having started to store more precious corporate information on their domestic devices, as well as in personal services. cloud storage (13%).
“VSEs like start-ups have found themselves in a difficult situation and their first priority is now to ensure the sustainability of their activities and to save jobs. It is therefore not surprising that the reflection on cybersecurity rather emerges in a second step. However, implementing even basic IT security measures can reduce the risk of malware infection, financial fraud, or loss of business data. In addition, many cybersecurity experts make recommendations that companies can share with their employees to help them secure their devices. And of course, these requirements must be met after isolation at home, when the staff is likely to continue working remotely, “comments Cécile Feroldi, B2B Marketing Director at Kaspersky France and North Africa, West and of the Center.
Kaspersky advises VSEs to follow these basic IT security principles to protect their employees when working from personal terminals:
• Home appliances must be protected by an antivirus solution. Kaspersky offers a dedicated solution for small businesses, Kaspersky Small Office Security, which can be installed remotely on any device, whether corporate or employee-owned, and managed from the cloud.
• Device operating systems, as well as applications and services on the device, should always be updated with the latest versions.
• Password protection must be enabled for all devices, including cell phones and WiFi routers. If a router has a default password, it should be replaced with a new, more robust password. For this, the password management functionality of a security solution makes it possible to generate and store unique and secure passwords for each account.
• WiFi home connections must be encrypted, ideally with the WPA2 encryption standard. This action can be performed during the configuration of the router.
• A VPN must be used if an employee uses unknown and unsecured WiFi access points.
• Use a security solution that allows encryption of devices and servers and creates backups of all company data – this will help restore data quickly if ransomware is infected.
• Provide employees with a list of reliable cloud services that can be used to store or transfer company data.
• Organize basic safety awareness training for teams. This training can be done online and should cover the first and most essential steps, such as account and password management, email security, access point security and web browsing. Kaspersky and Area9 Lyceum have also developed a free training module to help everyone work safely from home.
• Last but not least, make sure that the teams have an emergency contact in the event of an IT or security problem.
A new, more innovative version of Kaspersky Small Office Security will be unveiled on Tuesday June 9, 2020.
 The study was conducted by the research agency Toluna in the United Kingdom, the United States, Australia, France, Italy, Spain, Germany, Sweden, Russia, Mexico, Brazil and in Colombia in April 2020. A total of 6,017 people were interviewed in the countries mentioned, of which 1,381 work in companies with 1 to 49 employees.