Cyber security has become a growing concern for companies as they face dozens of cyber attacks each week, especially with more staff working from home. For example, here are just a few of the current trends that you may recognise. Your staff may receive:
- Emails supposedly from their Helpdesk asking them to change their passwords
- WhatsApp messages pretending to be from the CEO asking for money to be transferred
- Emails saying that the user has been in contact with someone who has COVID-19 and needs to click a link
Having staff working from home during the lockdowns has made the situation worse, as it is much harder to manage everyone remotely. With one in three UK workers currently based exclusively at home, this remote working on a vast scale continues to be a major headache for IT departments, and standard processes and protocols are far harder to administer remotely.
Recent studies show that many firms are not taking the issue as seriously as they should. For example, according to a recent survey, one in five UK home workers hasn’t received any training on cyber security. A separate study last year found that 57% of IT decision makers believe that remote workers will expose their firm to the risk of a data breach. This was made worse at the beginning of the pandemic due to the rush to set up remote working practices, leading to even the simplest data protection practices being ignored. In most cases, companies did not provide additional security relating to computers, electronic communication, or phones.
So, what can companies and home-working staff do to make things as safe and secure as possible?
One key area is to supply staff with laptops and other equipment that are owned, controlled, configured, and locked down by the company. This can alleviate the burden on your staff to set things up correctly and ensure they adhere to the company’s security controls. This should hopefully mitigate your employees’ PC or laptops, on which they were doing confidential work during the day, potentially becoming more at risk from malware if used for their own personal use in the evening.
Cyber Security: Mitigating the Danger
There a number of avenues to follow to help secure you data. If an employee falls victim to an attack, make sure that they know who to contact, and that their alert is positively welcomed, as you don’t want people afraid of repercussions and thus covering up mistakes.
- As mentioned above make sure that there is a virtual private network (VPN) set up so that remote computers have secure and encrypted connections with the firm’s servers, and everyone else in the company.
- Ideally provide work equipment, fully secured and locked down (a good tip would be to disable USB ports).
- Make sure that the documents are automatically backed-up to something like One Drive, or a secure end-point backup solution.
- If feasible, issue them with secure wireless network devices which will automatically attach to your WAN.
- Provide users with regular training on cyber security documents and test this training.
If you need expert assistance with your cyber security regarding your home-working employees, then reach out to CiContinuity. One of our technical consultants would be happy to discuss this with you and identify some quick and easy steps you can take to protect your IT now and in the future.
Key Takeaways
– Remote working has increased the volume and impact of cyber threats, making secure IT practices more critical.
– Common attack methods include phishing emails, impersonation via messaging apps, and fake COVID-19 alerts.
– Many employees lack the training and equipment needed to recognise and respond to threats effectively.
– Organisations should issue pre-configured and secured work devices to staff wherever possible.
– Enabling VPNs, backing up data, and disabling USB ports are simple yet effective steps to enhance security.
– Employees should be encouraged to report incidents without fear of blame, enabling faster responses to breaches.
– Regular awareness training and simple technical safeguards help protect company data and minimise risk.
