woman on computer

Cybersecurity is critical during these times

Cybersecurity and remote work: Voya’s commitment to safety

When COVID-19 hit, legions of employees decamped to their homes to keep businesses running. Within a moment’s notice, organizations were forced to ensure employees had the technology required to maintain critical operations — from laptops to video conferencing capabilities. In this hurried shuffle to remote, work-from-home arrangements, cybersecurity may have been an afterthought for many businesses. But it was certainly on mind of hackers and nefarious individuals. Let’s take a closer look at the impact of COVID-19 on cybersecurity and how Voya’s S.A.F.E Guarantee offers plan sponsors and their employees an added peace of mind

Working from home presents challenges beyond connectivity

Nearly 75% of IT leaders say they weren’t prepared for this huge shift to remote work, with almost 30% saying that technology was their most significant issue, according to a recent Xerox Future of Work Survey. Topping the list of concerns was ransomware, according to 80% of the respondents to a survey from WSJ Pro Research, with fewer than 70% prepared to deal with this threat.

That caution is well-founded. More employees working from home equates to expanded opportunities for nefarious individuals and targeted deceptions. Between January 1 and June 8, 2020, the Federal Trade Commission (FTC) had received more than 91,000 complaints of COVID-19-related scams, with reported losses over $92 million.

Remote workers are particularly at risk for several reasons:

  • Hackers can find multiple access points as employees connect from unsecure and/or diverse locations.
  • Personal equipment may unknowingly be vulnerable since safety teams may not be able to monitor these devices like company property.
  • Even company-sponsored devices could be vulnerable if security software isn’t updated or a remote network connection isn’t optimally configured.
  • These vulnerabilities combine to make work-from-home teams a potentially easier target for hackers to exploit.

The value of stringent protocols for client security

At Voya, we recognize that any threat to personal and plan information may significantly impact our customers’ financial futures and lives. Because of this, we have taken a proactive approach to safeguarding the personal and financial information of those we serve— even before COVID-19.

And we are continually evolving our strategies to adapt to new threats and evolving best practices. We know that end-to-end cybersecurity is about more than technology, so we’ve invested in the right people, technology and processes to help keep our clients’ plan information safe. Some of the key steps we’ve taken to ensure security include:

  • Virtual Private Network (VPN) capabilities increase security by creating a direct connection between remote workers' devices and company networks and servers.
  • Clearance and approval for remote working arrangements are required by Voya’s Technology and Security Risk Management team.
  • End-point surveillance to guard against inappropriate use of and unauthorized intrusions against company assets.

Because hackers and nefarious individuals never take a break, our strategies revolve around an ongoing priority to:

  • Increase cybersecurity and fraud awareness communications across the enterprise
  • Strengthen guidelines regarding employee use of company assets
  • Conduct weekly meetings of a cross-functional team to share information and maintain a consistently high level of vigilance across the enterprise
  • Enhance capacity in hardware and licenses to our VPN and multi-factor authentication (MFA) infrastructures
  • Perform steady enhancements to our existing anti-fraud program.

Protection during video conferences

As virtual meetings became a workplace staple, many work-from-home employees fretted about coworkers catching glimpses of their pets or dirty dishes. However, it soon became apparent that video conferencing opened the door to far more nefarious issues, including meeting bombing —where uninvited guests joined meetings to disrupt or listen in on the conversation.

To create a safer and more productive environment, there are several cyber security video conferencing best practices businesses can implement. At Voya, a few of our key strategies include:

  • Disabling chat and recording by default
  • Disabling file sharing 
  • Passwords and extra verification steps required to prevent uninvited attendees from accessing the meeting.

Securing client data through cybersecurity and fraud prevention

Voya is committed to safeguarding the integrity and confidentiality of your plan from the risk of fraud, cyber threats and unauthorized activity.  As part of this effort, we have established the Voya S.A.F.E.® (Secure Accounts for Everyone) Guarantee. If any assets are taken from an employee’s workplace retirement plan account due to unauthorized activity and through no fault of their own, we will restore the value of the account —subject to a few key steps being satisfied. At Voya, we take the issue of fraud and cyber risk seriously, and we’re focused on doing our part to maintain your trust and confidence.  

As we navigate new workplace norms in these precarious times, we are certain that we stand together in our commitment to customer security.

Read more on this topic: