With the UK government ordering a lockdown in the Spring of 2020, the number of people working from home has soared. Even before the coronavirus outbreak, the Office For National Statistics estimated that almost nine million Brits worked from home at least once in 2019.
Working from home presents a range of cybersecurity issues and vulnerabilities:
- Staff using their own computers (which might not have the same security settings)
- Non-staff (friends, family) being around sensitive information
- Personal and corporate accounts (email, social media) on the same device
- Weak passwords, slack cyber hygiene, reduced vigilance
Any of these problems could lead to catastrophic consequences for your business. For complete peace of mind when your staff are working from home, try one of our complete managed website security packages.
In today’s article, we’ll give our top tops for making sure you stay protected even when you and your staff are working remotely.
Cybersecurity Risks When Working From Home
In a previous article, we talked about the rise of phishing attacks in the age of coronavirus. Today we’ll talk about two more cybersecurity threats that are common right now.
1. Compromised VPNs
A Virtual Private Networks (VPN) is a fantastic tool to allow staff to access their work files without leaving the house. Unfortunately, a weak or compromised VPN is, in many ways, even more dangerous than a single compromised device.
Imagine one of your team has a laptop infected with malware. As soon as he connects it to the VPN, a hacker could use the malware to access all the work files, passwords and sensitive data of your business.
2. Compromised Locations
When your staff are in the office, they are working in a controlled environment. You can control what’s on their computer, what networks they use and even who comes in and out of the building.
Now imagine they are working from home (or in a coffee shop). Ask yourself the following questions:
- Can someone else see their screen?
- Can another person see notes around the computer?
- Might they be overheard on the phone or Skype/Zoom?
- Could someone else see them enter a password or login credentials?
- Are they using an insecure network to connect to the internet?
If you answer “yes” to any of these questions, you might have a cybersecurity problem. In the next section, we’ll explain how to best prevent cyberattacks in these situations.
Remote Working Cybersecurity Tips
Cybersecurity always comes down to two things: technology and people.
1. Technological Solutions
For larger companies, or any business that deals with sensitive client information, we would always recommend a fully managed website security package. However, here are some tips if you want to handle your own cybersecurity:
- Add 2-factor authentication to all sign-ups
- Make sure the VPN you’re using is secure
- Consider adding restrictions to which files and systems can be accessed remotely
- Ensure you back up files and data in case of a remote breach
- Make sure your website is well protected (do you have an SSL Certificate?)
Many of these tips are simply good cybersecurity best practice, but they are even more important when most staff are working remotely.
2. People & Training
We already have a great article on How To Educate Your Employees On Cybersecurity Awareness. So here are a couple of extra tips specifically targeted at staff working remotely:
- Make your staff aware of the rise of coronavirus phishing attacks. If in doubt, they should contact the senior IT officer at the business.
- Stress the importance of privacy when working on, or discussing, sensitive company business.
- Make sure the internet connection is secure.
- Make sure the device they are using is free of malware.
- Lock devices every time they leave their desk.
Cybersecurity starts with proper training and awareness. This is even more important when you’re not all in the office together. So start thinking now about how you communicate these issues to staff.
If you have a number of staff currently working from home, please get in touch. One of our experts is always on hand to answer any question you might have on cybersecurity and website protection.