2020 brought a historic shift in the job market due to the Covid-19 pandemic, whilst companies used home working as a perk before, this has now become the new norm. Now in 2021 the percentage of workers permanently working from home/remote working is expected to double, according to a survey from Enterprise Technology Research (ETR). With this knowledge companies will need to become more alert of the significantly increasing threats that come with remote working, ransomware, data breaches and cyber attacks are to name a few. The 3 major risks we will discuss tips for are: Phishing Scams, Home WiFi Security and Password Security. PHISHING SCAMS Scammers are leveraging the Pandemic to launch new phishing scams and resorting to new tricks and techniques to increase the success of their operations so it is vital that remote workers be more wary than ever. 1.Do not open or download any attachments such as links or files sent over in emails claiming to provide Covid-19-related information. These are perfect guises for phishing attacks, if in doubt contact your IT department. 2. Offer training/Re-training for staff on how to identify and mitigate phishing attacks. Running internal tests can benefit your company’s security exponentially. 3. Watch out for Pretexting – Attackers often attempt to impersonate a known person or entity to obtain private information or carry out an action, it is commonly executed through email or text message. Always check the email address of the sender. HOME WIFI SECURITY It is imperative that your home WiFi set up is secure. Cyber attackers will look to exploit the vulnerable who do not have the proper and effective security methods established in their home office. 1. Use devices provided by your company rather than personal devices as this carves out boundaries. Personal machines may also have fewer security controls than your company-owned hardware. 2. Secure the gateway - Your Router. Attackers are known to compromise home routers with default credentials that users often neglect to change. It is good practice to change the password to your router regularly. 3. Use company designated VPN's. Use the dedicated enterprise VPN servers only on your work laptop or desktop to make the connection between your network and the office’s secure. If VPN connectivity is not on the table, ensure that data communication is done via encrypted email or Pretty Good Privacy (PGP) encryption. PASSWORD SECURITY Passwords still remain one of the primary security measures for the majority of businesses. Paying attention to password security tips and best practices will protect your business against cyber-attacks and data breaches. 1. Create strong & unique passwords, it is essential to make sure they are difficult to crack. You could even go an extra step and never use the same password for more than one account at one time. 2. Set up Multi Factor Authentication (MFA) to deter hackers from accessing company data. By adding a second layer of authentication, this can protect the company even if someone’s password has been stolen. 3. Investing in a password manager is a MUST. They have the ability to safely store all of your passwords for many sites, so all you have to do is remember the main vault password and use the convenient Autofill feature.
It is better to be proactive than reactive. The move to large scale remote work has left numerous organisations more vulnerable than ever, cyber attackers will take advantage of this. Following these tips will be a start to protecting your data. If you would like to find out more on how we can help manage your security, please contact us on 01908 870360
Author
Rebecca Boff - Marketing Co-ordinator
