cfo-nz logo
Story image

Businesses reminded to check security after COVID changes work habits

Cyber hygiene is more important than ever thanks to COVID-19 changing the way people work, according to the New Zealand Internet Task Force (NZITF).

With the COVID-19 pandemic irrevocably changing peoples work environments, NZITF is reminding businesses to double-check that their IT and remote working systems are safe from outside interference.

"Cyber criminals are known for exploiting online trends to compromise networks. The shift to working from home brought about by COVID-19 is an example of a trend coming at a time when businesses may have taken their eye off the cyber-defence ball due to the pandemic," the organisation says.

NZITF spokesperson Barry Brailey says many firms had to rush to set up remote working before the nationwide March & April lockdown. While remote work has many benefits, it presents information security challenges such as having to access and send data over public internet connections.

"It's likely that, for some businesses, not as much attention was paid to cyber security. Now is the time to check your remote working security set-ups - especially if they hadn't been in place before March and were only engineered as a temporary solution," he says.

"Make sure you have strong passwords for staff to access devices. Use a VPN to connect staff to your internal network. Protect your VPN connection and access to other services and applications with multifactor authentication (MFA)," Brailey explains. 

"Keep company data on company devices. Formalise working from home and remote work policies and solutions, if you haven't already," he says.

Barry recommends that New Zealand businesses familiarise themselves with CERT NZ's top 10 list of cyber security controls. 

These can be found here and include patching software, using MFA, disabling unused services, backing up data, running only approved applications, and logging network activity. 

"Now is a really good time to just make sure you are doing the cyber security basics. CERT NZs list is a great place to start," he says.

NZITF Chair Terry MacDonald says most individual NZITF members and several corporate members played a key behind-the-scenes role as essential workers during lockdown earlier this year and more recently with Auckland at Level 3.

"We're proud that our membership rose to the challenge of keeping our telecommunications, internet and other necessary information technology services running, for the wider benefit of New Zealand," he says.

"The pandemic will end eventually and the NZITF and information security community will be able to come together in person again. But until then, we want to express our gratitude to the membership virtually."