Just as many of us are back to working from home, phishing and other cyber attacks are on the increase. This means it is now even more important for businesses to ensure that remote working practices won’t inadvertently risk a cybersecurity crisis.
In our latest blog post, we have shared our top cybersecurity tips to help your business maintain security standards, even whilst your colleagues work at home.
1. Connect to the office via a Virtual Private Network
For an extra layer of security and encryption, always use a VPN (Virtual Private Network to connect to your office securely). Most workplaces now have these installed on machines however VPN should also be used to connect when working from home. Your IT technicians will be able to connect devices used at home to make sure your network and private data remains cyber secure.
2. Never work on an open WIFI without VPN
It might be tempting to connect to a friendly neighbour’s or a public wifi network but it’s critical not to do this for private or work-related purposes without a VPN. With an unsecured network, it’s impossible to know whether you’re inadvertently giving away your credentials to cybercriminals. A VPN connection will improve your cybersecurity when working from home on an open network.
3. Ensure all users are trained to spot phishing emails
With many of us self-isolating and working from home, there is an understandable appetite for news on new developments. However, it’s important that workers are aware that reliable COVID-19 news almost certainly won’t be delivered by unsolicited email.
Make sure your employees are aware that they should not click on links or attachments in any unsolicited emails offering help or advice relating to COVID-19 (or really any other significant global events that may be occurring). Stay up to date using reputable news providers and trustworthy government websites only.
4. Watch out for phishing emails that look like they’re from colleagues or contacts
With identity fraud on the rise, unfortunately its necessary to be careful even of emails from colleagues or contacts.
With interception or “man in the middle attacks” cyber hackers can clone an email address to send fraudulent emails. So for example, you could receive an email from a colleague that looks perfectly fine. It has your colleagues email address and usual email signature but its actually from a hacker, possibly asking you to complete a task. The key to avoiding this kind of con and remaining cyber secure is communication. If an email request seems slightly unusual or is asking you to transfer money, confirm the request with a phone call. With many of us working from home and not next to each other in the workplace, phishing attacks have a higher likelihood of success.
5. Check that your home router is secure and WPS is disabled
With TVs, baby monitors, smart speakers, doorbells and even lightbulbs connected to by wifi, we provide cybercriminals many potential routes into our home networks. To ensure your home network is cyber secure and protect your work devices, make sure that your home router is password protected and WPS (push button) is disabled.
6. Consider using multi-factor authentication (MFA) where possible
What is MFA? We know that passwords can be easily compromised. MFA immediately increases your account security by requiring multiple forms of verification to prove your identity when signing into an application. This extra layer of security can improve the cybersecurity of work applications.
When two-step verification is turned on, every time you sign in to an untrusted device you’ll get a security code by email or on your phone, to make sure you are indeed you. If you’ve turned off two-step verification, you’ll be sent security codes periodically, whenever there’s a risk to your account security. With Microsoft MFA software, you can use the Microsoft Authenticator app to help to sign-in without passwords if you don’t want to use email, a phone call, or text. Microsofts multi-factor authentication is a good choice for businesses to use in conjunction with Microsoft 365.
7. Be careful to protect confidential print outs
At the office, it’s likely you will have specific recycling bins for confidential paperwork. Of course, this facility is unlikely to be available when at home. Consider providing your employees who work from home the facilities to effectively destroy confidential printed documents. Alternatively, advise your team to safely store print outs until they can be taken to the office to be disposed of them securely.
8. Put it away
To avoid loss or theft of work documents and devices, advise your employees to get into the habit of putting print outs and devices away at the end of each working day.
9. Provide employees with cyber secure devices to work from
If you allow employees to use their own equipment to access work they can become an easy target for hackers. When using their own equipment its impossible to ensure staff keep their security software up to date. If the cost of purchasing new laptops and other devices is a barrier to providing staff with the technology to work from home. Leasing equipment is a useful option. Get in touch with us for more information on this.
10. Don’t take risky shortcuts
Due to the increased numbers of people working from home, internet bandwidth may be more limited than usual.
Be aware that you may experience slower speeds than expected. It’s crucial to the security of your network to resist the temptation to work around existing security measures to save time. Risking compromise of the whole network and its existing web security standards is not worth the few seconds you may save. As part of cybersecurity awareness training, employees who work from home particularly need to be made aware of the risks of taking shortcuts.