IRMI Online Talk With Us

Category Focus
Claims, Case Law, Legal

Commercial Auto

Commercial Liability

Commercial Property

COVID-19

Personal Lines and Small Business

Risk Financing and Captives
Risk Management

Specialty Lines

Workers Compensation

White Papers

Free Articles

Videos
Industry Focus
Agribusiness Industry

Construction Industry

Energy Industry
Transportation Industry

Insurance Industry
Conferences
Agribusiness Conference

Construction Risk Conference

Energy Risk and Insurance Conference
Transportation Risk Conference

Sessions On Demand
Insurance Education
Certifications

Agribusiness and Farm Insurance Specialist

Construction Risk and Insurance Specialist

Energy Risk and Insurance Specialist

Management Liability Insurance Specialist
Manufacturing Risk and Insurance Specialist

Transportation Risk and Insurance Professional

Continuing Education

Insurance Industry Training

IRMI Webinars
Subscribe
Plans and Pricing

Catalog

Request a Demo

IRMI Tutorials

Product Updates

Enterprise Subscriptions
Free Newsletters

White Papers

Product Tour

Podcast

How-To Videos
About IRMI
Our Mission

Our Story

Our Team

Our Brands
Press Releases

Careers

Contact Us

Advertise
Glossary
Terms
Acronyms
Membership
IRMI Webinars

Newsletters
White Papers

Join for Free

Home Articles Expert Commentary Security from Home: Continuing to Work and Learn Amid COVID-19

Cyber and Privacy Risk and Insurance

Security from Home: Continuing to Work and Learn Amid COVID-19

Mark Lanterman | October 2, 2020

Home security system with phone app

As schools have started, and many of our kids either head back to their physical classrooms or learn from home, we all continue to face a new set of challenges brought about by COVID-19. Similarly, though many of us have returned to our offices or workplaces, at least to some degree, others are still working primarily from home.

From Zoom meetings to setting up our virtual learning environments to the best of our abilities, it is important to remember that the conveniences afforded by these technologies should always be tempered by security considerations.

One recent article suggests that schools, universities, and academic institutions may be in for a rough fall. Largely due to an inability to completely manage remote devices, unpatched systems, an overarching emphasis on user-friendliness over security, and an increase in phishing scam success, many expect that ransomware attacks will be on the rise.¹ Compounding this problem is the fact that once an institution or organization pays a ransom, they become a more likely target for future attacks. Regular and complete data backups mitigate this risk and help to reduce the likelihood of repeat attacks.

Furthermore, academic institutions and organizations are having to adjust work and learning situations as they go. As many colleges have started, there have been a growing number of cases in which students are being sent home only a few weeks into the semester in response to outbreaks.² In addition to the question of how to best keep students, faculty, and the nation at large as safe as possible, colleges and universities will also have to assess how to most efficiently continue educating students from a distance. In the hustle and bustle of trying to coordinate the student body and faculty, security concerns may be pushed to the back burner in an effort to optimize ease of use and functionality as quickly as possible.

Stay Secure

With the aforementioned risks associated with remote work compounded with a hurried response, it is important that security remains a number one priority. Regarding operational risk throughout this crisis (as mentioned in my last article, "Operational Risk Revisited in the Wake of COVID-19"), simple security best practices—such as the use of virtual private networks, multifactor authentication, avoiding public Wi-Fi, securing endpoints, strong passwords, email encryption, updating software when necessary, and using only approved technologies and devices while working remotely—help institutions to remain secure while also providing students with an effective distance learning program.

Regularly communicating these practices to employees and students is critical, even when in-person learning ultimately resumes, and training in phishing attacks and social engineering helps to bolster the always important "human element" of security.

Conclusion

Within organizational settings, I have frequently commented on the need to develop strong cultures of security with top-down management support and education. Home environments require the same sort of commitment. From creating positive distance learning environments to continuing to work and communicate remotely within our organizations, it should always be conveyed to employees, educators, and students that security is a universal responsibility.

Once a true return to normalcy has occurred, having practice in remote work security policies and procedures will remain beneficial and applicable within our physical workspaces.

Opinions expressed in Expert Commentary articles are those of the author and are not necessarily held by the author's employer or IRMI. Expert Commentary articles and other IRMI Online content do not purport to provide legal, accounting, or other professional advice or opinion. If such advice is needed, consult with your attorney, accountant, or other qualified adviser.

Footnotes

¹ Doug Olenick, "As Classes Resume, Schools Face Ransomware Risk," BankInfo Security, August 26, 2020.

² Anne Flaherty, "Thousands of Students, Staff Sent Home Nationwide as COVID Snarls School Reopenings," ABC News, August 14, 2020.