Cybersecurity Tips For Companies That Apply Hybrid Working

JAKARTA - Hybrid Working is widely chosen by some companies that provide convenience for their employees, where this system will incorporate work activities inside and outside the office alternately. But there is a cybersecurity threat lurking.

According to cybersecurity expert and ITSEC Asia President Director Andri Hutama Putra, there are several challenges for companies implementing a hybrid work system related to information system security.

Andri explained, by using an account that is integrated with company data, the employee could be exposed to phishing traps, spoofing and also ransomware attacks.

Or there could also be attacks through the use of unsafe public connection networks. If that happens, important company data could be leaked to irresponsible parties.

For this reason, here are some tips from ITSEC Asia that companies can do in facing the challenges that arise when they implement hybrid work culture, quoted on Friday, December 30.

1. Increase Employee Awareness for Cybersecurity

In a hybrid work system, employees can be said to be the company's first defensive line in dealing with cyber threats. Therefore, it is important for companies to educate, train, and support their employees in increasing their knowledge and ability to maintain their cybersecurity.

This can be done by companies by providing Cyber Security Training to all of their employees, not only to the IT team. Thus, the company can minimize the possibility of data leakage from attacks on employees such as phishing or congestion to obtain important data and also spoofing or fraudulent parties officially to steal data, money, or damage the system.

2. Apply the Right Information Security Post

Adjusting hybrid work systems with information security planning at the company, which can be done starting from audits and analysis of security systems, Cyber Incident Response Plan (CIRP) as a guide in mitigating security incidents, as well as Business Continuity Plan (BCP) so that business processes can continue to run well in incident conditions.

With the planning, proper team development and security consultants, the company can realize cyber infrastructure that best suits the company's needs.

3. Implement Proactive Security Systems

In creating more resilient cyber infrastructure in hybrid work culture, companies can also provide gadgets or hardware such as tablets and laptops that are equipped with an integrated security system that can be easily monitored by the company's information system security team.

In this system, the security team could impose a two-factor authentication and password manager to control the activities of employees in the digital world. As a support effort, the Company can also use Virtual Private Network (VPN) and Remote Desktop Protocol (RDP) to secure communication channels between companies and remote employees.

4. Reviewing the Company's Digital Security System

In addition, the company also needs to conduct periodic Information Security Analysis to ensure the security of the company's information system. After finding various weaknesses, the company can conduct Database Security Hardening to strengthen the company's database system by updating software and hardware components of the company's security system.

Not only in terms of hardware and software, but companies also need to update their knowledge and ability of human resources for cybersecurity. There can also be simulations of red teaming, namely simulations of attacks that will test comprehensive resilience both from infrastructure, mitigation processes and also existing human resources.