Cybercrime has spiked since the start of the coronavirus pandemic. To adhere with government guidelines many employees are now working from home. Sadly, this leaves businesses more vulnerable to cyber security issues and criminals are taking full advantage. It is therefore essential that you are extra vigilant and ensure extra security measures are in place to prevent cyber-attacks.
For some businesses this period has been a great opportunity to consider the advantages of remote working and re-assess working practices and efficiencies but for others, due to how quickly the pandemic spiralled, many businesses moved to remote working in a very short space of time and without plans or the infrastructure ready. Consequently, many employees are using their own devices which are not always configured with the same security protection as company provided machines.
The current situation allows criminals new opportunities to take advantage and exploit our greater use of the internet and technology such as emails and video conferencing. Phishing scams have been particular popular as they can be difficult to spot, they are usually by email but can be by text, phone or on social media and can be as simple as clicking on a bad link, this then allows attackers to install malware which can sabotage systems, accessing data and finance systems.
Remote working presents many cyber security challenges, here are a few steps you can make to minimise the threat on your business:
1. Employee vigilance
Educate your employees of the risks they may face while working remotely during the coronavirus pandemic, how to spot phishing scams, how to protect sensitive information and what to look out for. It’s key to keep employees up to date on new scams in the marketplace and to ensure that you have procedures in place for what to do if they accidently click something they shouldn’t and how to report it.
2. Execute security measures
Security measures need to be fully optimised and you should ensure all devices are secure. Many home devices will not have the same protection as company devices and without security protection in place such as firewalls, anti-malware, anti-virus software etc., your business is far more vulnerable to cyber-attacks. Once installed make sure these are regularly updated too. If staff do use personal devices, it’s recommended that they separate out personal and businesses accounts to avoid contamination and impact if an account were to be compromised. You may wish to consider investing in Cyber Security insurance so that you are protected if the worst should happen.
3. Control access to systems
Consider how your employees access your systems and work files, whether is it through an online file share or a virtual private network (VPN), user accounts and strong passwords are essential. VPN’s can provide a secure link between employees and businesses, allowing employees to access company systems and files securely. If you are already using a VPN then you need to ensure that it is fully patched with the correct number of licences to ensure your business has the capacity for all your employees to work remotely.
4. Have clear working practices
Ensure you have a written policy, defined procedures to support your home workforce and give clear instructions as to what is required and expected of employees whilst working from home. For example, security requirements such as locking computers when not working on them, having a clear desk and screen policy, ensure that employees understand rules around use of unauthorised software, data control and device maintenance.
5. Provide a secure platform for online communication and data sharing
Consider how your company communicates and interacts with clients and employees. Consider how teams collaborate and share screens whilst working at home, especially in these circumstances where face to face or group meetings are no longer an option. Video conferencing has become more prevalent and measures need to be made to ensure these meetings are private, e.g. having a separate login code for each meeting.
For help and advice to avoid any cyber breaches impacting your business or to discuss you business continuity plan, contact us and we can put you in touch with our recommended IT providers who can advise you on the best ways to protect your business. Call us on 03330 433 233 or email firstname.lastname@example.org.