Mon, 23 Mar 2020 10:56
With the spread of the COVID-19 coronavirus globally, a majority of businesses are following up on the official advice of social distancing, encouraging employees to work remotely and ensuring business continuity. While remote working has its benefits, it could also lead to potential cybersecurity risks for employers and employees.
Here are some helpful tips for ensuring cyber safety and information security when working remotely.
Work on Secure Network
The first and most important step to working remotely is making sure you are connected to the Internet, ready to connect with your workplace, communicate with colleagues and access business information online. Failing to work on a secure network can make you vulnerable to a cyber-attack, compromising your systems and business information in such a critical time.
Make sure you are using a virtual private network (VPN) or a secure home network with strong end-to-end encryption, for example, Office 365 SSL session. Using an unsecured network such as public WiFi could inadvertently create an access point for hackers and cybercriminals to exploit and make your systems susceptible to cyberattacks.
Secure Your Personal Devices
With so many employees working remotely, many organisations have authorised the use of personal devices when working from home. Using your personal device for work is fine as long as you are keeping it secure and have the most up-to-date software and settings running on it.
It is very important to make sure that you are running the most up-to-date anti-virus software on your device. Anti-virus software carries out regular scans of your computer and removes any malware detected. Make sure you are combining the anti-virus software with a robust firewall – software that monitors incoming and outgoing network traffic on your machine. This will ensure that you are significantly reducing the risks of cybercriminals successfully infiltrating your machine.
Beware of Phishing Attacks
Beware of cybercriminals looking to exploit the current situation on the coronavirus pandemic. Phishing attacks are designed to gain unauthorised access to confidential information through email.
Security experts are reporting a substantial rise in phishing email scams related to the coronavirus – the worst they have seen in years. The BBC has followed up on reports of individuals and businesses being targeted with phishing emails. The campaigns include tax refunds from the HMRC, email attachments from the World Health Organisation (WHO), bitcoin donations to help fight the coronavirus and scare tactics aimed at giving up work or personal email details.
- Never click on links in emails that you receive from people you don't know.
- If you're not expecting an email, always examine the content of the email thoroughly and look out for grammar or spelling of the email – these are the tell-tale signs of a phishing scam.
- If the email is claiming to be from public bodies such as the HMRC or the WHO, don't open these emails as these are well-known phishing scams circulating currently.
- If in doubt, always forward the email to your IT team first and get help in verifying if the email is legitimate.
Keep Business Information Secure
Any business information you access from home will be protected by secure login and password. Be it your work email, online business applications and communications tools. Weak credentials are easily exploited by cybercriminals and setting secure passwords is your first line of defence against hackers trying to gain unauthorised access to businesses' systems.
Use strong and unique passwords each time and make sure they are a combination of letters, numbers and characters. Apart from setting up secure passwords, try using multi-factor authentication for your organisation's systems. Multi-factor authentications work by verifying user identity by multiple credentials, normally a password and a code sent to the user's phone by text or an additional security question.
Effective information security is key to optimising business information while remote working. Keeping information security risks under control will not only protect your own interests, but also those of your organisation, your customers and all other individuals or organisations that you hold information about.
Here are some more helpful tips and resources to help you while remote working:
Remote Working awareness course
Try our Remote Working awareness course to stay safe and healthy away from the office.
Information Security awareness training
With the flexibility to work from home in the current climate, it's a great time to refresh your knowledge of keeping business information secure and working safely online. Try our awareness training courses on key information security topics to working safely and securely away from the office.
Business Contingency Plan (BCP) for Infection Outbreaks
A blog post with helpful tips for businesses on drawing up a business contingency plan and ensuring business continuity.
Mental Health While Working Remotely
A blog post with helpful tips on how to care for your mental health while working from home for longer periods.