Skip to main content
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
Hiscox Insurance
Menu Toggle
  • Home
  • Small Business Insurance Toggle Menu Toggle Menu
  • Why Hiscox Toggle Menu Toggle Menu
  • Resources Toggle Menu Toggle Menu
  • Policy Management Toggle Menu Toggle Menu
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
  • About
  • Get a Quote Get a Quote
  • About
  • Get a Quote Get a Quote
  • Blog Home
    Start Your Business
    Grow Your Business
    Protect Your Business
    Celebrate Courage
    Search

    Twenty-Four Seven

    Sign up to get the latest small business news delivered right to your inbox.
    Protect Your Business
    Two computer screens facing each other with hands coming out of them, exchanging a letter with a skull and bones on the front. Representing a phishing email.

    New cyber risks to small businesses working remotely right now

    Cyber | Industry Spotlight
    By: Hiscox Blog

    Share Image

    Embed Image

    Copy

    Share Article:

    To help manage the spread of coronavirus (COVID-19), many businesses have mandated or are encouraging their employees to work from home. Never before have we seen such a large percentage of the workforce doing their jobs from home. This represents some significant security challenges small businesses could face.

    Many applications that support remote working have already reported additional stress on their resources with some experiencing periodic outages.

    It is no surprise that cybercriminals prey on victims in their most vulnerable moments, so they have been quick to take advantage of the situation. It’s important for business owners and employees to recognize the threats and know what to do about them. 

    Here are some of the risks small businesses may face with their employees working remotely

    1. Phishing emails

    As working from home has increased, there has been an influx of coronavirus-themed phishing emails. 

    Cybercriminals have taken advantage of the fact that people are hungry for information and updates about the spread of the virus. Many of them have been sending out phishing emails with information on COVID-19 such as vaccines, tax refunds, preventive measures from the ‘World Health Organization,’ and more. 

    Clicking on links or attachments within such emails takes victims to a fraudulent page that harvests their information, including login credentials and financial and tax information. 

    2. VPN vulnerabilities 

    Remote working, in most cases, involves the use of a Virtual Private Network (VPN). Only a few months ago, several VPN appliances were found to have critical vulnerabilities, for which patches were released. Since VPN devices are internet-facing, it makes it easy for attackers to scan the internet for their vulnerabilities. These vulnerabilities give attackers remote access to a network without login credentials.

    3. Overworked IT staff 

    Many organizations are dealing with overworked IT staffs, making it harder for them to detect issues or manage resources. Additionally, while employees are working remotely, IT professionals may be more focused on enabling ease-of-use processes for company employees instead of being on the lookout for security threats. 

    What can businesses do to protect themselves from COVID-19 cyber risks?

    • Businesses should be alert for potential incoming phishing emails and provide training to workers to help them spot and manage such emails. Use these tips from the Federal Trade Commission to help inform yourself and your employees about phishing emails.
    • Enable Multifactor Authentication (MFA) on user accounts, especially administrator accounts. This provides an extra layer of protection by requiring users to supply evidence that they are allowed access. Typically this is in the form of personal information that only the correct user would know. 
    • Make sure all VPN hardware and software is patched and up-to-date. A patch, by technical definition, is a software or firmware add-on that’s designed to fix bugs and security vulnerabilities.
    • Make sure anti-malware software, IDS/IPS (Intrusion Detection/Prevention Software), etc., is up-to-date.
    • Close all unnecessary open ports. In this case, we’re talking about physical and virtual ports, which you can learn more about here.
    • Only use applications that are recommended and vetted by the business.
    • As much as possible, prevent your employees from connecting their personal devices to corporate networks unless they are segmented or operate in a testing, or ‘sandbox,’ environment to prevent cross-contamination.

    For more information on working effectively from home, check out resources from the SANS institute and the Hiscox blog on how working from home could help your company and employees.


    Protect Your Business

    Protect the business you’ve worked so hard to build. Get a fast, free quote and your business could be covered today.

    Get a Quote
    Get a Quote
    Subscribe to our newsletter

    Related Articles

    5 Min Read
    Small business owners in capes, protecting what they've built from impacts of recession

    Ideas on how to make your business recession-proof

    Management | Entrepreneur

    Here’s what you need to know about the recession and some things you can do to reduce its impact on your small business.

    Read More

    4 Min Read
    sole proprietor learning what insurance policies are best for her business.

    Useful information on the best insurance for sole proprietors

    Insurance 101 | Entrepreneur

    As a sole proprietor, were you aware that you should have business insurance? Get the details on what type of policies are best for your small business needs.

    Read More

    3 Min Read
    Man sits on couch with telehealth professional on laptop

    Telehealth: Risks and rewards for your healthcare business – and what comes next

    Management | Cyber

    Many health and wellness providers are offering their services virtually. Here’s what you need to know about the risks, rewards, and future of telehealth. 

    Read More


    We’re here to help.
    We provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.
    Get a Quote
    Get a Quote

    Footer menu 1

    • What We Cover
      • Business Insurance
      • General Liability Insurance
      • Professional Liability Insurance
      • Errors and Omissions
      • Cyber Security Insurance
      • Workers Compensation
      • Other Coverage
    • Who We Cover
      • Small Business Owners
      • LLC
      • Sole Proprietors
      • Entrepreneurs
      • Side Hustle
      • Contractors
      • Home Businesses
    • For Our Customers
      • Refer a Friend Program
      • Covid-19 Response
      • Claims Center
    • For Business Owners
      • Save with our Partners
    • About Hiscox
      • About Us
      • Careers
      • Contact Us
      • Hiscox Corporate
      • Investors
      • Foundation
      • Newsroom
      • We Stand Together
      • Affiliate Partner Program

    Footer menu 2

    • Accessibility
    • Site Map
    • Privacy Policy
    • Terms of Use
    • Legal Notices
    • Español

    Feefo Reviews: Hiscox rated 4.7/5 with 1,067 reviews between January 1, 2022 - January 1, 2023

    * Any cost, premium, or coverage stated before an official customer quote are estimates and an approximation and are not guaranteed. Actual cost, premium, and coverage are subject to the unique considerations of each individual risk. Customer quotes are based on the information provided to Hiscox, and are subject to required underwriting and rating factors. Until an official customer quote is provided, all communication on this website or advertisement is provided as an example for informational purposes only, and is neither an offer nor a guarantee of available premium or coverage. Any coverage afforded by the products described are subject to and governed by the terms and conditions of each policy issued. This information may not be used to modify any policy that might be issued. Any information provided to assist in understanding the coverage we offer does not modify any insurance policy, nor does it imply that any claim is covered.

    © 2023 Hiscox Inc. All rights reserved. Underwritten by Hiscox Insurance Company Inc., 30 N. LaSalle St., Suite 1760, Chicago, IL 60602. As of December 31, 2021, HICI had admitted assets of $1,250,758,353 and policyholders surplus of $332,792,666. Total liabilities were $917,965,687 (inclusive of $433,752,764 of loss reserves) and paid-up capital stock was $4,242,000.

    icon-facebook
    icon-youtube
    icon-twitter
    icon-linkedin