Staying Safe Whilst Working from Home
For many businesses, working from home (WFH) looks like it is here to stay even after the COVID-19 pandemic is over. Companies are typically looking at a hybrid model where staff split their week between home working and working in the office. Cybercriminals are as usual quick to exploit any vulnerabilities so it’s important to ensure your security is at the appropriate level.
Train your employees on cybersecurity – phishing email and passwords
It is vitally important that all employees are trained on the basics of cybersecurity and this importance can only be emphasised when working from home as additional risks come into play.
Phishing emails are a common technique that cybercriminals use to access your network and steal your data so training your employees on the signs of phishing is very important. It’s also worthwhile doing training refreshers on password creation and security, ensuring passwords are both complex and unique. Using passphrases is a good method, for example taking the first letter from the words of songs and adding numbers and special characters.
Use a VPN
A Virtual Private Network (VPN) creates an encrypted tunnel and is essential when working remotely or from home. If you are accessing your network remotely without a VPN you could be leaving yourself vulnerable to cyber threats. Not all VPNs are equal and, especially if you have been using the same VPN method for a long time, it’s worth Googling the vulnerabilities of your VPN as well as making sure you are using the most up-to-date version.
Two-factor authentication
Using two-factor authentication is becoming increasingly common. You should look to implement this wherever it is available and ideally on your VPN and webmail. This means an attacker not only has to know your password they also need access to your text messages or authenticator app on your mobile. This is significantly more secure.
Device encryption
Ensure the devices being used at home are encrypted. Windows 10 Pro provides encryption and is likely to be commonplace on work laptops but if staff have taken home desktop PCs then they should also be encrypted to protect data in the event of theft. Make sure you have the decryption keys in case you need to recover data due to a lost password.
Anti-virus
Ensure all machines connecting to your network have regularly updated anti-virus software even if staff are using their own machines. Ideally use the same anti-virus you use at work. Some supplier licenses allow staff to install the software on their home PCs at no extra cost.
Wi-Fi and Network security
When working remoting you should always avoid using public Wi-Fi. Cybercriminals can use an insecure/public connection to plant malware onto the Wi-Fi. If you download or share files once you are on an insecure connection you could be potentially installing malware onto your device. Depending on the type of malware it can be used to steal sensitive business information.
Keep everything on your computer fully updated
It is vitally important that you keep all of your devices up to date as many of the updates will provide new security features to help protect your device against new threats. The easiest way to do this is to enable automatic updates on your device or force updates via automated policies.
How can we help?
At Hawsons we have a dedicated team of specialist technology and IT accountants at our offices in Sheffield, Doncaster, and Northampton.
