Stepping up cyber security for home workers
With millions of people working from home following the Government’s lockdown, businesses are facing technical challenges as well as those more directly related to the pandemic.
The directive that all businesses should work from home where possible meant that IT support teams, often overstretched already, faced making sure staff were able to continue to function productively and efficiently sometimes in just hours.
Now that we are well into the lockdown, social media is full of photographs holding virtual meetings via apps like Zoom, and the professional services community is getting used to holding meetings with clients via Whatsapp and FaceTime.
But there are risks to taking staff out of a secure office environment where internet traffic and emails are protected against cyber attacks, and staff are regularly warned about the latest phishing email.
The National Cyber Security Centre, the UK’s independent authority on cyber security, recently revealed a range of online attacks carried out as criminals look to exploit Covid 19. The organisation reports techniques including bogus emails containing links which, when clicked, will infect a computer.
The World Health Organisation even warned of fraudulent emails sent by criminals posing as the organisation.
So, what should businesses do to ensure security is not compromised while staff are working from home?
Tighten up polices and procedures
It may be tempting for staff to take a little less care when not in the office with colleagues, but it’s important for everyone to remember they are still working, still representing a business, and still have their part to play.
Make sure to remind employees of the company’s IT policies, which will still apply during this period – those governing social media use, personal emails, being aware of common phishing email techniques. All this can help put the basics in place.
Working from home policies should not be that different from those in place when working from an office, but businesses should work with their IT support teams to update them to include any issues this extended period of home working might throw up.
Staff should receive training on the equipment they are using day-to-day and know their responsibilities. It should also remain very easy to report any issues.
Use safe and secure equipment
Ideally, employees will not be using their own equipment – there is no guarantee that the levels of security installed on a private computer match those in place on a company-owned workstation or phone.
Even if using company equipment, staff are more likely to lose or have devices stolen when they are out of the office so these devices themselves should be secure with password or fingerprint access and the ability to be locked or even wiped remotely if necessary.
Password management tools can offer a secure way to share logins for a variety of websites securely rather than risking sending details over potentially unsecure emails.
Work with experts
Internal IT support teams and external companies will be best placed to advise on the practical steps to take – remote workers may need specialist software to access files and may need guides on how to use them.
Companies will need a policy on what tools to use for video conferencing, sharing documents and chatting – PC and Mac users, Android and iPhones all offer very different solutions, but a business will need something that works for everyone quickly and easily.
We have launched a dedicated Coronavirus Planning and Guidance hub to bring together information about all the support available to businesses.