The pandemic fundamentally changed the working world forever. Not only are more employees working remotely, but more people are starting their own businesses – often from home. There has been a significant increase in new entrepreneurial activity amongst working-age South Africans, from 10.8% in 2019 to 17.5% in 2021, according to the Global Entrepreneurship Monitor (GEM) report 2021/2022 released by Stellenbosch Business School.
The digital work landscape also looks very different today. With affordable, high bandwidth connectivity more readily available in South Africa, we are now more marketable to take on remote, higher-paying jobs for foreign entities. Covid-19 also necessitated more complex collaboration in virtual meetings, ultimately improving our ability to work and communicate in isolation.
But, of course, all this digital growth has created a fertile breeding ground for new threats. ESET’s T2 2022 Threat Report, released in October, examines threats mostly impacting individual and home users. ESET phishing feeds showed a sixfold increase in shipping-themed phishing lures, with most presenting victims with fake DHL and USPS requests to verify shipping addresses. A web skimmer known as Magecart constituted three-fourths of all banking malware detections.
Furthermore, misconfigured remote access services continue to give bad actors an easy access path to company networks as Remote Desktop Protocol (RDP) attacks continue to grow. According to ESET’s threat report, for the first four months of 2022, over 100 billion such attacks were attempted, over half of which were traced back to Russian IP address blocks.
Small businesses or new entrepreneurs often make the mistake of thinking that they don’t need paid cybersecurity – that software from the world’s trusted vendors is secure, or that their small businesses won’t be an attractive target.
That, unfortunately, is a mistake as small businesses are easy targets. Threat actors are targeting smaller companies at scale, making it well worth their while. There are so many risk vectors today that everyone, from the sole proprietor selling wares online to large corporations, must adopt a sensible, pragmatic, and responsible approach to security.
And though the scale, expertise required, and products used will differ significantly depending on company size, the basics remain the same. You are already a long way towards an effective security posture by using strong passwords, reputable cybersecurity software, backing up and encrypting data, and being on the lookout for social engineering.
When it comes to home-based employees and small entrepreneurs, there are some habitual mistakes that often open the door to threats. The most common is using very simple, easily cracked passwords. Some people even use the same password across all sites, therefore leaving every site open to being compromised by bad actors. Use a password manager and password best practices, with multi-factor authentication, wherever possible.
The same can be said for storing and saving data, from storing on unsecured physical devices through to cloud environments. Use reputable companies to store your data in the cloud and use encryption for all physical devices. Backup your data on a regular basis, and upload to an offsite location, should a situation arise where your local storage and devices are compromised.
Lastly, even when home office environments have some form of security such as a router, antivirus, and secured WiFi or a hardwired connection, many entrepreneurs and employees work from coffee shops or restaurants that have open, unsecured WiFi, exposing their data to risk. Never use open WiFi as it is not secure and leaves you and your device open to prying eyes and potential attacks.
Take your time researching options. You want to ensure your working environment is secured with best-of-breed cybersecurity software that can cover the entire infrastructure, requires little to no maintenance, and is easy to install and implement from the get-go.
When starting a new business, you should be spending your time building your business and not on security. Luckily, highly skilled companies are offering secure environments, incredible security services, and expert help. Recognise their importance and use them.