Author: enigmaforensics

Security Risks When Working From Home

Working from home? Have you been transferring files between work and personal computers? Be aware of the security risks that are out there. Experts talk about how to protect your company’s private data. Where should you start to make sure your remote workforce is secure? Listen to these experts!

Using Your Personal Computer to Work From Home

What are implications when working from home?

Let’s face it, these are weird times! Never before have we had the bulk of the country’s work force sheltering-in-place and working from home. We’re going on four months battling the spread of COVID-19. Workers have resigned, been terminated and furloughed and many have sensitive trade secrets loaded on their personal computers. Experts Lee Neubecker and the Data Dive Debbie Reynolds discuss currents situations and different audits they have performed for companies to retrieve intellectual property and company data. Check out this blog with transcripts.

Video Transcripts Follows

Lee Neubecker(LN): Hi, this is Lee Neubecker from Enigma Forensics. And I have Debbie Reynolds, the data diva back on the show from Reynolds consulting. Thanks for being on. Thank you so much for having me Lee. So what are your thoughts about the shift and changes that have happened over the last couple of months with everyone being stuck at home with their computers?

Debbie Reynolds(DR): I think it’s a interesting issue now, because as you know, even before the pandemic, there were people working at home. But now since there’s so many more people at home, it’s bringing up other security risks, especially with devices. And I’m sure you know, you probably explain more of your experience about working especially a forensic with people who are remote. And some of the challenges with those machines, especially, you know, the same people. They’re either working from home, people are getting furloughed or people are losing jobs where they’re, they’re not in the office. But they still have equipment. So I’m curious to see what you think about all that in terms of the device, the equipment, and some of the risks that come with that.

(LN) We’ve had a number of projects happen during this period where workers either have resigned, they’ve been terminated, or they’ve been furloughed, and there’s a need to get the company data back. And sometimes that data is on their personal computers. Other times the data is on a company issued laptop, but there are companies are just starting to get back to work. And there’s a whole host of issues. If you have sensitive trade secrets, and confidential electronic data on an employee’s personal or work computer, and you don’t have physical custody of that, there’s a real risk of that data getting disseminated to a new employer, maybe leaked online to the web, or maybe even you know, someone’s kid at home installs a game that opens up malware that puts those trade secrets at risk.

(DR) You know, we know a lot of people working from home, and a lot of people are using, I think the statistics said, the majority of people, maybe a slight majority, are using their own computers to, you know, tunnel in via VPN or whatever. But we all know that people still, under a lot of circumstances, let’s say they’re printing, or they have a file they want to, you know, leave locally or something. What is your advice from a forensic perspective? ‘Cause we can, we always see a lot of data co mingle together, unfortunately, where the personal and people’s business stuff maybe, you know, together in some way, so what is kind of your advice for people working at home for stuff like that?

(LN) If an employee’s is being asked to work from home, they should ask for a work issued computer.

(DR) Right

(LN) Also you should be using a virtual desktop of sorts.

(DR) Right. Yeah, exactly. But you’ve seen I’m sure you’ve seen a lot of situations where you’re asked to do forensic work. And there is a lot of personal stuff, even on a company.

(LN) Yeah, we’ve had situations where people have, despite having work issued computers, they’ve still connected their personal computer up to corporate resources, office 365. I’ve seen situations where there’s drives that are syncing to personal, former employees, personal computers, and even though the accounts are severed, so it can’t continue to sync, then all that data might still reside. So we’re doing audits right now for clients to look for, you know, what devices are synchronizing with corporate data stores, and some of those devices. You know, there really needs to be accounting and audit to match up those devices to ensure that only accounts of active employees are syncing and that those devices are company issued devices, not personal devices because it poses a real risk. It’s a problem that could be preempted by issuing, you know, work equipment, not co mingling work and home stuff.

(DR) Are you seeing problems where people are, let’s say they have a phone. And they have like, for example, let’s say they have an Apple phone and they have a iCloud account. And the phone belongs to the company, but their iCloud account is their own personal account where you have problems getting those passwords.

(LN) Yeah, for the most part, we’ve had compliance and I’ve worked to try to help solve the problem, you know, the employee might have stuff they need. And usually what we’re doing in most cases where we have co mingle data, where we’re giving the employee or former employee the opportunity to put all their personal stuff onto a drive that will then do a search against and then we’ll wipe, wipe, completely wipe, the original device. They’ll sign a certification of sorts, and then they’ll only copy the stuff that they, that they copied off that we verified, didn’t contain trade secrets, and they’ll pull that back down to the computer. But that relies on some level of trust that if the employee or former employee signs, a declaration or affidavit saying that they returned everything that they’re being honest.

(DR) Do you have people that are concerned, especially in the legal field about people doing remote document review, and having sensitive documents viewed on their computers at home?

(LN) Well, I think that’s a legitimate question. And you know, if, if companies are outsourcing document review, they should be asking the provider, provider questions about, you know, how, what steps are you taking to make sure that those endpoint reviewers aren’t using computers that are compromised? In many cases, companies are using independent contractors as their reviewers and they’re not issuing corporate equipment. So that that’s a real risk that the whole ediscovery industry really needs to grapple with, because someone’s going to get burned at some point in time, especially during this, this pandemic with, you know, resources taxed and people working from home.

(DR) I have one more burning question for you, actually. And this is about BYOD. What do you think? Because the pandemic, do you think more companies will start to do more or less, bring your own device things as a result? I think we’re going to see a lot of problems come out of BYOD devices where companies see the problem of losing control of their data. And, at least with the larger companies, I think you’re going to see probably more strict, more strict enforcement of using corporate resources. I mean, there were many companies right before Illinois shut down went into effect they were ordering laptops going running out to, you know, retail stores to quickly grab whatever they could, so they can issue laptops to their employees. And, and so I think you’re going to see, I think you’re going to see a movement away from BYOD in the future.

(LN) I agree with that. I think it’s been a long time coming. I don’t know if you remember when they were first doing this, you know, at first companies were giving people devices, then they decided well we’ll save money will be out BYOD Now it seems like a pain in the neck to deal with it. And it’s all these risk issues. So I really feel that they’re going to start to go back the other way.

(DR) Now, well there’s a cost associated with BYOD. And now people are furloughed and all your sensitive data is on former employees, personal computers. So then you’ve got to hire a forensic expert like me to try to work through to get the data back and to solve that problem, which, you know, it might have been much easier to issue a 500 dollar laptop to employee, then to have them synchronize that ’cause they’re going to pay more than $500 dollars to try to solve the problem of getting their data back. So after we get through this next bump in the business cycle where companies are paying out to have to retrieve their data, I think you’ll see that most CFOs will see it’s smart sense to issue corporate laptops and to block access to BYOD devices. But thanks for the question. It was a good one.

(LN) Thank you. Fascinating. Thank you for sharing.

(DR) Thanks

Related Articles

Securing Data in the Cloud
FBI Warning: Smart TV’s may be spying on you.

Check out our COVID-19 Statistics – Track your county!

COVID-19 Downloadable Statistics

Social Media and Cell Phone Forensics

Social media and cell phone forensics can play an important role in thwarting criminal activity. Check out this conversation between Cyber Forensic Expert Lee Neubecker and Data Diva, Debbie Reynolds. You will be so much smarter afterwards!

Snap Chat, Twitter, Facebook: Social Media and the Importance of Cell Phone Forensics

Lee Neubecker and Debbie Reynolds, the Data Diva, discuss the role of law enforcement in capturing social media posts when trying to thwart the bad guys coordinating a riot or the more recent looting incidents in Chicago. During this difficult time in our nation, what is the role that cell phone forensics should take? Did you know that Apple phones have the ability to automatically shut down when stolen and have a beacon that will detect the location of the phone making it easy for law enforcement to come knocking on the thief’s door? Check out this video to learn more about the role of social media and cell phone forensics.

Transcripts of Video Follows

Lee Neubecker (LN): Hi, it’s Lee Neubecker, and I have Debbie Reynolds back on the show, Debbie thanks for being on remotely.

Debbie Reynolds (DR): Thank you for having me.

LN: So I asked you to come on so that we could talk a little bit about some of the recent lootings that have happened in Chicago and other areas across the country. And what could be happening, as it relates to cell phone forensics and how law enforcement can be using that to get to the bottom of how these coordinated attacks are being planned and who might be involved.

DR: Most of what I know about this is basically what you told me so, why don’t you just sort of share what your experience has been so far in the current environment, and then we can talk from there?

LN: Sure. Well, right now, I know that some of the looters that were apprehended had cell phones on them. We don’t know exactly how the information is being used by law enforcement, but technically, an example of things that could happen could include, doing forensics on the cell phone, identifying Snapchat handles they have communicated with, looking at text messages, looking for Twitter accounts and postings. And potentially, what I saw happening during the last week, at least in one instance, there was a post made to Twitter by a user that made a reference to doing a gig at Urban Outfitters on the West Side, and roughly a few hours after, that post went out on Twitter, referencing Urban Outfitters, Nike’s, Liquor and other things. Around four hours after that, looting that went on at that store, so that handle that posted and anyone else that reacted to that post could certainly have been alerted to the potential for mass looting in a coordinated way via social media.

DR: Yeah, I think even though the police do have capabilities to do that type of tracking and tracing, they they do heat maps of certain things. The problem is that these incidents, if they are coordinated, they happen pretty quickly so it’s sort of hard for them to kind of preempt it. But as you said, always, they have capabilities, right? To do anything with like cell phones that they capture, but they also have capabilities to do things like geofencing about who was in the area at certain time. So, a lot of what they’re doing is not necessarily preemptive or pre-crime is more of, if something is happening or has happened, they can go back and try to backtrack or trace or… If there are people on the scene they can apprehend whoever is there that’s doing whatever and they sort of build it out from there, right?

LN: Yeah, but just the other day, someone was captured and apprehended in… They got caught because they were posting their raid via social media, and they had a live view of them going to bomb, they were threatening to bomb the place and looted, taking cash registers and the stuff was, this someone that was not from Chicago, I think from downstate, somewhere that came in and came in with a goal to create problems and had a past history of that, but the person had the audacity to post it to Facebook, and the FBI just busted them and they’re indicted now.

DR: I don’t know why people share such things on social media. Because yeah, they do track and trace that. But, a lot of the things especially as I saw, it seemed like a lot of stores that have things like mobile phones have been attacked. And as you know those things are pretty easy to trace back. So I don’t know how far people–

LN: Apple had LoJack, in all their phones at the retail store, and so people who took those phones likely those phones likely got located but-

DR: Oh yeah, definately.

LN: I don’t know that that’s happening at the the cheap cell phone stores, the burner phones.

DR: Well, yeah, those are… No, I mean, they probably… If anything, obviously may have serial numbers and stuff like that but, once you… Whether it’s broken, or people change sims or whatever, it’s harder to track that stuff down. But yeah, the Apple phones, yes. They wouldn’t have very much problem. I think as I heard, I read that what Apple had done is for all the phones that were stolen from them, they were able to lock those down. And then it had a screen on there so that you actually couldn’t use it. So, that’s what I heard was happening with Apple.

LN: Yeah, well, they also have the ability to beacon out and send GPS location so-

DR: Oh, absolutely.

LN: People who are buying stolen Apple phones might find someone knocking on their door, law enforcement.

DR: Yeah, it’s probably not a good idea to buy one off the street at this point. So yeah.

LN: Yeah. Well, any thoughts on your concerns if the privacy issues that might relate to mere surveillance on people and tracking social media posts and actually getting in and subpoenaing phone numbers that were taxed to help try to prevent looting from happening?

DR: Well, okay. I guess that’s a couple of different things rolled up into one. So, obviously I’m concerned with mass surveillance, especially if it is capturing information not accurately or targeting people who may not have even been involved. So for example, a cell phone can’t tell like let’s say for instance, you’re standing at a corner and I’m at the stoplight. It says we’re next each other, but we’re not together. So, a cell phone tracking can’t really tell that so eury people who aren’t involved, who are innocent, who are especially in this regard, peacefully protesting, having them be adjacent to other people doesn’t mean that they were involved so-

LN: Lets just say though, for instance, that they found that there was a string of businesses hit, the Foot Locker, then Denny’s Liquor, CVS and Walgreens.

DR: Yeah.

LN: There were a group of 20 people that all pinged off the four cell phone towers at the same times, and we’re in close proximity to that and a few other people were ID’d, would that be enough to justify surveillance on people where there were four cell phone towers in common across a range that put them all in the vicinity of where looting took place?

DR: I’m not sure if it would justify surveillance, so to speak, but I think that if they have other evidence, it may help them target those people more closely but, in terms of sweeping people up in surveillance exercise, I don’t think that’s going to happen unless they have additional information. So, let’s say they have information just like you said, like, okay, these people are in the vicinity and then they posted a picture on Facebook with some loot gear that they got, that would be enough, I think, to justify surveillance but just the fact, surrounding the vicinity, that’s probably not enough to go on, I don’t think.

LN: I appreciate your opinions and thoughts on this. It’s a difficult time right now and hopefully we’ll have stability and we’ll have people held accountable on all fronts, not just the leaders.

DR: Yep, I agree.

LN: Yeah, thanks Debbie.

DR: You’re welcome.

See Similar Posts

Cell Phone Forensics Key to Ending Looting
Naval Air Station Attack: Cell Phone Privacy

Top Places in Illinois That Reported Accelerating COVID-19 Weekly Growth

Enigma Forensics has been busy tracking week to week COVID-19 cases in each Illinois county. We are thankful of our Medical Professionals. Thank you to everyone for all you’ve done to reduce the spread!

Illinois as a state has been trending in the right direction. Only 8 counties reported cases in excess of zero the week before last week and more than 20 cases the last week show weekly growth. These counties should continue to ramp up additional testing availability and contact tracing to keep the state on track as a whole. 9 counties showed a reduction in a week over week reported cases. Click through on the County Name to see the time series chart depicting the daily counts and 7 days trended average.

Download COVID-19 Daily Confirmed Positive Cases

The data depicted above was obtained from the John Hopkins GitHub Repository.

Growth of the outbreak can be seen where the daily blue COVID-19 confirmed cases count exceeds the 7 day trailing daily orange average trend line.

View Chart Full Screen Width

COVID-Confirmed Positive Cases Week over Week Comparison

Counties with zero cases the week before last week were excluded.

CountyWeek Before Last Week
Total Cases 		Last Week
Total Cases		Week Over
Week Percentage Growth
Cass439875.00%
Stephenson1124118.18%
Rock Island414919.51%
Kane25429415.75%
Will21123712.32%
Lake2682939.33%
Madison90911.11%
Cook227322800.31%
Adams0220.00%
Kankakee6259-4.84%
Kendall3431-8.82%
St. Clair166151-9.04%
Winnebago149135-9.40%
Champaign5447-12.96%
DuPage291234-19.59%
DeKalb3928-28.21%
McHenry9665-32.29%
Peoria6342-33.33%
This chart is based on data obtained daily from the Illinois Department of Public Health Website. The source daily counts are available at: https://enigmaforensics.com/covid-19/us/state/Illinois_Cases_Delta_By_Date.csv

Top Zip Codes in Illinois Reporting Week over Week Growth
(COVID-19 Confirmed Cases)

Zip CodeCityWeek Before Last WeekLast WeekWeekly Growth RatePeople / Square MilePopulation
60088Great Lakes634467%6,78015,761
62691Virginia630400%222,426
60076Skokie725257%6,24133,415
60624Chicago – West Garfield Park620233%10,78038,105
60169Hoffman Estates825213%4,40633,847
60706Harwood Heights / Norridge1031210%7,82223,134
61265Moline721200%2,37945,099
60462Orland Park720186%2,46938,723
60089Buffalo Grove1233175%4,25941,533
60104Belwood922144%8,08819,038
Data captured from IDPH website daily. Data as of 6/24/20.

Great Lakes Naval Station is leading as the top Zip code in Illinois experiencing the highest week over week growth rate of new COVID-19 confirmed cases. Click the Zip Code to view the daily and weekly average trends of new cases. In the City of Chicago, West Garfield Park is the hot zone where cases shot up 233% over the previous week.

COVID-19 Cases in Cook County Are Abating

Wearing a Mask Could Save Your Life and Others

Illinois Governor JB Pritzker instituted that face masks be worn while inside facilities open to the public beginning on May 1st, 2020. Just a little over 2 weeks later, new cases of COVID-19 plummeted and began a downward descent. Proving that wearing masks helps stop the spread of the Coronavirus / COVID-19.

The other US States that have failed to require a mask to be worn when entering public facilities are experiencing consistent growth of the virus. The data proves that after instituting a mask requirement, roughly 14 days later, cases begin to abate or descent.

Daily Confirmed Positive COVID-19 Cases in Cook County Illinois

Daily Deaths from COVID-19 in Cook County Illinois

Daily Confirmed Positive COVID-19 Cases in Tulsa Oklahoma

Who’s Who Legal Investigations 2020

We are proud to announce Lee Neubecker was once again nominated by his peers as one of the world’s leading practitioners in the Digital Forensic Expert field. Congratulations Lee!

Congratulations Lee Neubecker!

Enigma Forensic’s President and CEO Lee Neubecker was nominated by his peers as one of the world’s leading practitioners in the field of Digital Forensic Experts and is listed in Who’s Who Legal Investigations 2020 publication as such.

Since 1996 Who’s Who Legal has identified the foremost legal practitioners and consulting experts in business law and investigations based upon comprehensive, independent research.

Who’s Who Legal Investigations publications said, Lee Neubecker, is a “great expert” who receives widespread plaudits from sources who note he is “one of the most visible people in the field”.

Nominees have been selected based on comprehensive, independent survey work with both general counsel and private practitioners worldwide.

Top Illinois Zip Codes Where COVID-19 Outbreaks Continue

Chicago has entered Phase 3 of the Re-Opening of Chicago Plan. Are you wondering where the recent hot pockets are located? Check out our COVID-19 Statistics to see where the infection continues to grow.

The following top Illinois Zip Codes that are largely Hispanic are continuing to climb with COVID-19 outbreaks. This data is based on the daily changes in total reported confirmed COVID-19 cases by Zip Code obtained from the Illinois Department of Public Health statistics page. The reported counts include data from 6/12/20, 6/13/20 and 6/14/20. These are the top Zip Codes in Illinois where 15 or more cases have been reported between last Friday and last Sunday.

Of those identified, Hispanic majority zipcodes account for 50%+ of the remaining hot pockets where COVID-19 infections continue to grow. Majority White Zip codes follow with 7 out of 26, followed by Black Majority Zip Codes at 6 out of 26 Zip Codes.

[visualizer id=”7896″]

Latino Communities Taking the Lead in COVID-19 Rate of Growth

Small Business and Cybersecurity Attacks

Small businesses are getting hit hard. Starting with government directed closures due to the COVID-19 pandemic and now the most recent looting and protestor damage. Small businesses are more vulnerable than ever. If you own a small business be on the lookout for cybersecurity threats and learn more on how to protect your business.

Small Businesses must on the lookout for cybersecurity threats!

Small businesses have been besieged on all fronts. First, out of left field they were struck by COVID-19 and the loss of business. Then knocked down by the most recent violent protests. All these hits create multiple vulnerabilities to yet another threat; cybersecurity attacks. Now more than ever, small businesses need to be aware of an impending cybersecurity breach. Enigma Forensics focuses on cybersecurity and would like to share what are the most common cybersecurity threats and how small businesses can protect themselves.

What are the most common security threats?

There are three common cybersecurity threats each small business owner must be aware of; Malware, viruses, and phising. Malware is an umbrella name for a software designed to attack and destroy computers, servers, and to obtain client information. Malware can be engineered in many different malicious ways. Viruses are designed as a computer program that replicates itself and inserts code into your system to modify existing programs. It basically creates havoc in your system and is extremely difficult to delete. Phising is inserted by a clicking on or opening an email that presents itself as a legitimate email. It sparks curiosity and plays on the simplest of emotions.

What are some easy tips for small businesses to protect themselves?

Enigma Forensics encourages everyone to purchase cybersecurity insurance. This can help defer costs if you are attacked. We definitely suggest to hire a professional to assess your system and identify risks. Another less costly tip is to change your passwords. Make them as difficult and unique as possible and don’t store them on your systems. Be sure to include mobile device security if you or your employees check emails on mobile devices. Train your employees to recognize cybersecurity threats and how to avoid and report them.

Enigma Forensics related articles

Cloud Cyber Risk
Cyber Insurance Coverage

See the link below for The Department of Homeland Security guide

https://www.dhs.gov/sites/default/files/publications/CSD%202018%20Tech_Guide_Web%20Version_508.pdf

Cell Phone Forensics Key to Ending Looting

How can we put an end to this protest? Cell phone forensics is the key to finding out who is organizing violent protests and looting by checking social media sites. It’s that simple!

Chicago Police Superintendent David Brown recognizes social media contributed to the rise in looting

Is Cell Phone Forensics the key to ending the looting? Chicago is reeling back from the third day of unrest and violent protest. Not only are we healing from a global pandemic we are now faced with the threat of violence in all of our neighborhoods. On Monday, we witnessed the third day of violent protest. It was reported that law enforcement arrested approximately 699 people and sadly, 2 people who were shot and killed in Cicero. Feelings of anger, frustration and despair are common threads that bind all of us. The question on everyone’s mind is when is all this going to stop? The Chicago Police department is dealing with a great deal; protecting the neighborhoods and at the same charged with stopping violence. The same violence that was started by a deadly police action.

Many have heard on mobile scanners that hundreds of people driving in caravans are traveling into the city from outside Chicago. Some believe these caravans are organized on social media and are encouraging violent protest and looting. Forensic technology can stop this type of organized violent protest. Once a bad actor has been apprehended, law enforcement needs to perform remote cell phone forensic analytics to discover social media posts, connect friends and followers to thwart passing of information. This is a new age of technology and our police department needs to be able to trace violent networks of people to respond in real time as to prevent personal attacks an property damage.

Enigma Forensics is an expert cyber forensic company that offers forensic imaging of cell phone, laptop and other electronic devices. We are able to analyze the electronic footprint left behind and provide detailed tracing to assist in litigation.

More about expert technology and cell phone forensics

Data Breach Response Experts

Mobile Device Investigation Training

https://www.fletc.gov/-program/mobile-device-investigations-program

Chicago Police Department Learn about Real Technology Behind Crime Solving Efforts

CSI TECH: The Technology of Crime-Solving

What does post COVID-19 look like for businesses?

Open for Business! Chicago is entering Phase 3 of the re-opening of Chicago plan. Some employees are continuing to work from home and others are no longer employed. How should a company get their devices returned or information removed from an employees device? Hire Enigma Forensics to be the go-between.

How to Retrieve Company Information from Employees no longer with the company?

What does Phase 3 mean for Chicago? Mayor Lori E. Lightfoot just announced Chicago is going to open up on Wednesday, June 3. Hip Hip Horay! Will Chicago be the bustling town ever again? Let’s hope so.

Mayor Lightfoot along with the Chicago Department of Public Health have announced a soft opening for most businesses in the City of Chicago. Check out the City’s reopening guidelines at Https://www.chicago.gov/city/en/sites/covid-19/home/reopening-business-portal.html

Even though many employees will be going back to the office, some employees will continue to work from home. What about the employees who are no longer continuing on with the company and have company information and uncompleted work on their personal electronic devices? How does a company retrieve that information?

These are all valid questions and you can bet that most companies were not prepared to address. How should a company go about getting their devices or information removed from an employees personal device?

Your first step should be to call and arrange a pick up of the electronic devices held by the former employee. If you are having difficulty retrieving your company property Enigma Forensics has the answer. In some instances calling on a third party to be the go-between can smooth out any ill feelings. Enigma Forensics can help retrieve property and perform a diagnostic review of the electronic devices. We can identify if any information has been copied or sent via email to an unauthorized third party.

In the future, companies should develop a confidential agreement outlining key information. It’s necessary to virtually adapt if necessary the off-boarding procedure, disabling e-mail, account access, and confirm inventory. Enigma Forensics emphasizes even though the employee is remote be consistent and conduct an exit interview and always utilize e-signature. Be Safe Chicago and Let’s Open UP!

Issues When Working From Home

Issues when working from home are bubbling up. Are you working from the dining room table on important company information? We discuss the importance of forming a work from home policy.

We have reached a new era of remote business at levels few companies ever planned for. We all know, COVID-19 has driven businesses and their employees to operate from makeshift home offices. As a result, many issues when working from home have been exposed. In some of our past blogs, Enigma Forensics has provided insight to trade secret theft and given direction on how to protect company trade secrets from cyber attacks. In this blog we will address the current issues that have risen since we are all working from home.

First and foremost, the mass exodus from the business office to the home office was done at the flip of a switch. Working from home took many companies by surprise, sending employees home expecting this to be a short period of time. Most companies didn’t have time to prepare a proper security plan. In an effort to offer more accessibility to their employees some companies loosened their security standards to allow faster and more convenient access for employees. Some encouraged employees to use their own personal devices. These procedures have increased the risks that companies will be cyber attacked and offer opportunities for trade secret theft and loss of business confidential information. To lessen these possibilities companies must develop policies that address the risks.

Enigma Forensics suggests creating a work from home policy to inform employees of their obligations. Companies need to communicate how important it is to stay secure and that the future of the company depends on it. Employers must insist each employee maintain a two-factor authentication process to secure sensitive information. Each employer must restrict unauthorized access to company data. In other words, keep the kids off the company’s computer. It’s also imperative to prohibit the use of unauthorized third party cloud storage sites, and to make sure to apply security software to protect company data. Most importantly, no sharing of company devices.

Some more simple procedures companies can implement to protect their end points include:

  • Ensure endpoints have patch software and security updates applied monthly
  • Audit and enable Windows Defender or other Antivirus Solutions to protect end points
  • Ensure computers accessing company data are set to auto lock after five minutes of intactivity
  • Provide employees with dedicated work only equipment
  • Audit and ensure satellite workers have a firewall protecting their endpoints from potential attackers

Kids at home with not much to do may be interested in installing the latest video game on your computer which could introduce security vulnerabilities at home.

Enigma Forensics also suggests developing an inventory of what employee has access to which files. Know who is printing confidential information, and identify if family members have access to the same devices. Once all this is mapped out, a risk assessment needs to be conducted. Identify which employees have access to sensitive information should be prioritized and secured appropriately.

Eventually we will all be back working in the office but COVID-19 has exposed the need to increase security and to learn more about how your employees are utilizing company owned devices.

To Learn More About Trade Secret Theft Check out our blog below

Trade Secret Theft
Top Ways to Protect Your Home from Cyber Attacks