New York’s Department of Financial Services (DFS) issued guidance on April 13 alerting regulated entities of the significant increase in cybercrime during the coronavirus (COVID-19) pandemic.
Specifically, DFS noted several cybersecurity risks resulting from the realities of a remote workforce. With the increase of remote working, companies have issued new devices to employees and in many cases allow employees to use their personal devices to remotely access company information. These practices understandably subject companies to increased risk of phishing attacks and the leak of confidential information. Remote connections need to be as secure as possible using mechanisms like Multi-Factor Authentication and secure VPN connections so that data is safely and properly encrypted in transit. Regulated entities should be sure that all devices have the necessary and proper security software and that employees are trained properly on how to use applications securely.