Working from home? 4 tips to help you stay cyber secure
Over the past few weeks many of us have experienced some sudden and significant changes to our day-to-day life. One big change has been the fact that more employees than ever are now working from home, many for the first time.
You’ve no doubt seen one of the many articles now circulating on social media offering tips to help you and your employees work more productively at home. One important area we’ve not seen as well covered, however, are the cyber security risks you should be most aware of when working from home.
Working from home can be challenging at the best of times. You may not have all of your usual equipment, you’re not in your usual routine and – if schools are closed in your area – you may be trying to work while also having children to entertain. Given all of this, you may not be as alert to some cyber threats as you may normally be.
To help, our experienced team of cyber security consultants have highlighted four key areas you, and your employees, should be aware of when working from home to keep you and your organisation cyber secure.
Stay alert to phishing emails
Phishing attacks remain a huge issue for businesses today. Attacks on corporate email systems are the most common cause of fraud and data loss.
If an employee becomes a victim of a phishing attack, by clicking on a link in a phishing email for example, the hacker may gain access to not only their email but also your organisation’s systems. They may change or divert their emails, or install malware or ransomware to prevent you from accessing vital systems and personal files until a ransom is paid.
Phishing emails are becoming increasingly difficult to detect as they become more sophisticated. Cyber criminals will undoubtedly be seeing the increased number of remote workers as an opportunity, as you may be slightly less inclined to spot a phishing email than normal – especially given these current unusual times.
We would encourage your team to remain as vigilant as possible. Some quick tips to help identify a phishing email are:
- Always look at the sender’s actual email address, not just their sender name.
- Look out for spelling mistakes or grammatical errors.
- Don’t open suspicious looking attachments.
As attacks are becoming increasingly complex, highly targeted and performed on such a large scale, we’ve recently started offering a Phishing Awareness Training service to help ensure you and your team are familiar with the latest phishing threats and techniques.
Set-up multi-factor authentication
Multi-factor authentication provides an extra layer of security to help reduce the risk of a hacker gaining access to your data and systems.
It’s an authentication method where the user has to produce two or more pieces of evidence that they have permission to access a system. For example, when you login to your internet banking system you may have to enter a password and then provide a code which is texted to your registered mobile phone.
If you haven’t already, we recommend you and your team set-up multi-factor authentication to your email accounts, as a minimum, straight away. This will mean that a hacker will have to guess more than just your password, which will go a long way in helping to prevent them accessing your critical applications and possibly saving you and your organisation from a data breach.
Keep up-to-date with the latest security patches
You’re just getting in to the flow of working from home when a pop-up appears on your computer saying: “Restart your computer to finish installing important updates.” While it’s tempting to dismiss it for now and deal with it later, our cyber security experts strongly recommend that you install any genuine updates like this immediately.
Although they can be frustrating, it’s these important updates (known in the industry as “patches”) that help keep your software and devices up-to-date, and fix and newly discovered security vulnerabilities before they’re exploited by hackers.
Regular patch management is essential. Without it you’re potentially leaving security holes in your organisation’s network that could lead to one of a growing number of ransomware attacks. This is where your systems or data are accessed by cyber criminals who then encrypt it until a ransom is paid.
A UK Government survey found that 60% of organisations which were victims of cyber security attacks were breached due to an unpatched known vulnerability being exploited i.e. if they’d just installed the available update, the attack could potentially have been avoided.
To minimise the risks to your organisation, it’s important that you keep up-to-date with which security patches are available and regularly install updates to patch all of your servers, devices and software as soon as possible.
Back up your data regularly
When working from home it can sometimes be tempting to save documents to your desktop rather than saving to your organisation’s network, as you should. Maybe the VPN isn’t working temporarily, or your internet connection keeps falling over, so you quickly save the important document you’re working on to your laptop’s desktop, with the intention of moving it later. Are you sure this will be backed up somewhere if you accidentally knock that cup of coffee over the laptop?
Regular backups of your and your organisation’s critical data, documents and systems are essential. Without them, the impact of a hack or technology failure could be catastrophic. Backups can ensure all of your data is safeguarded and protected. If a data loss does occur a backup can help restore order to your world.
Learn more about cyber security threats
Interested in learning more about cyber security? We recently produced a free downloadable guide to “Making Cyber Security Simple” Download your copy here.
CQR is an award-winning, independent cyber security company operating globally from offices in the UK, US and Australia.
We were founded with the mission of making the world a safer place. With an ever-increasing number of threats, we remain as focused as ever on ensuring our clients’ information and people are protected, so their businesses can thrive. Get in touch to find out more about how we can help you and your business