As COVID-19 continues to spread, businesses are conducting the largest work from home experiment ever seen.
Whilst working from home is usually associated with freedom and flexibility, it is in fact a time when a little more thought is necessary; employees need to understand that the cyber risks they face are increased simply because they are operating outside of the protected corporate network.
We suggest where you can start with these Top 5 Security Tips for creating a secure home office.
1. Secure your physical workspace
- Look after your business assets, keeping sight of them always or having them securely stored.
- Lock screens using the most secure method when not in use.
2. Basic password hygiene
- Use only strong passphrases made up of random, easy to remember words. The longer the better. For example, ‘Hedgehog_finite_minus’ which would take multiple centuries to crack. https://www.ncsc.gov.uk/collection/passwords/updating-your-approach
- Set-up multi-factor authentication on all accounts.
- If available, set-up biometric logins on your phone and computer.
3. Ensure up-to-date antivirus is in place
- Perhaps the most basic; web filtering, firewalls, device encryption are important.
- Personal devices should not be used for sensitive and business critical activities; staff working remotely need to be provided with the equipment they need.
4. Use a VPN
- Always use a private network or VPN when browsing online. If abroad check local laws – VPNs are illegal in some countries.
- Public WIFI should not be used for any sensitive information or business critical activities without a VPN. Tether to a mobile over 4G or 5G for more security, but do beware of roaming and data charges.
- Uncheck any options to remember your login information when on a public network.
5. Email encryption and best practice
- Implement and use an email encryption solution.
- Be aware of phishing attacks; these are still the most common form of cyber attack and they succeed. Consider refresher training now.
- Refrain from sending information like logins and passwords via email, even (or especially) between colleagues (for example as password resets).
ITC Secure has an established methodology for assisting businesses in achieving great cyber security and for ensuring their employees are aware of cyber risks.
Get in touch if you have any further questions on working from home securely or would like us to support you with maintaining effective business continuity for your business.
