Social distancing is one of the many measures introduced by governments across the world to help prevent the spread of COVID-19. For almost all businesses this has meant an unexpected shift in the ways they work. These changes bring a whole series of cyber security challenges to organisations, here’s how you can work remotely while remaining safe and cyber-secure.
Moving from the trusted and secure office to home-working at short notice left many businesses frantically scrambling around to trying to get the tools and processes in place to allow their workforce to work from home. The challenges of ensuring everyone had the right laptops, telephone systems and software made it easy for businesses to lose sight of the importance of cybersecurity.
Whilst some businesses were prepared, others that have never had to consider remote working before have had to change the way they work without notice or planning. Remote working means a rise in the number of employees using online tools, remoting into working environments via their own Wi-Fi networks and a rise in the number of devices they are using in their role.
Some things are out of your control, but as a business owner or employee working from home, there are some best-practices you should follow that can go a long way towards helping protect you and your business when working away from the office.
We spoke to James Adnitt, Cyber Protect Officer for the Cyber Crime Unit of Hampshire Constabulary who said “Phishing is often done by way of email, text and cold calls, where a criminal will try and get you to give away your personal details, click on links and attachments, or sign into fake login pages. For phishing to work they need a ‘lure’, a way of making us interact with them. The Coronavirus pandemic has created the perfect ‘lure’”, as we are all engaged with it and it affects all of our lives; because of this we are much more accepting of being contacted by unfamiliar people or organisations, and accessing websites we haven’t used before.” James’ advice was to “Please be extra guarded against COVID-19 communications asking for any type of response or interaction, including clicking on links and attachments.”
Your office Wi-Fi will probably be secure, encrypted and hidden. Most Wi-Fi systems at home these days are correctly secured, but some older installations might not be. If your Wi-Fi system at home is not secure or password protected, we suggest getting this fixed, immediately. Also, as cafe’s, restaurants and other public places begin to open you may find yourself accessing public Wi-Fi networks more and more. However, using shared, public Wi-Fi makes it easy for cyber criminals to intercept your online traffic, so if you have no choice – consider using a VPN (Virtual Private Network). Some examples of VPN’s include ExpressVPN, NordVPN, TunnelBear, Windscribe, Norton Secure VPN.
This is a given and should be followed whether you’re working from home or at work. Simple passwords will make it easy for cyber criminals to login to your companies’ network and access private data and the results can be extremely damaging. Having a more complex password makes your accounts harder to hack. The best way to create a password is by using a sequence of three random words that you’ll remember. Containing a mix of special characters and capital letters makes it even harder!
Software updates help mitigate against the risk associated with security breaches and patch any known security vulnerabilities, cyber criminals look for weaknesses in software exploit – so keeping up to date is essential. Make sure you use the latest versions of apps and software and next time, instead of clicking ‘Remind me later’, it’s probably a good time to finally give in and update any systems you use.
As suggested by the National Cyber Secure Centre, to check if your account has been compromised (usernames and passwords leaked), enter your email address into the following web page: https://haveibeenpwned.com/. If your email account has not been compromised, it will say “Good news – no pwnage found!”
If your account has been compromised a red banner will appear saying “Oh no – pwned”. Below the banner are details of the breach(es), including:
You can use the “Notify me” feature on the website to be notified if your email address appears in future data breaches.
Finally, for more information about free cyber products and services available to small and medium enterprises James suggested watching this video: https://youtu.be/0al5fRc7pNQ.
Solid8 helps companies focus on their core skills by providing outsourced business services, enabling them to streamline internal resources and focus on front-end operations, while support functions are handled by skilled and dedicated teams that immerse themselves in the business. As an integrated extension of the business, Solid8 works hand-in-hand with internal teams to lighten the load, while maintaining the exceptional service standards that clients’ customers expect.