We are facing the prospect of working from home for the foreseeable future. This will cause security issues for your business. A lot of cybersecurity is set up for employees working in the office and as many businesses were rushed into working from home there are likely to be vulnerabilities that cybercriminals are looking to exploit.
Sadly the threat of cyber attack and data breach is not going away as we work through this pandemic. The increased opportunities will cause an increase in potential attacks. So it's important to keep your cybersecurity strong even as we work from home.
To help you we have 8 cybersecurity tips for working from home that will help secure your business.
Use strong passwords
We have been speaking about using strong passwords time and time again and that is because they are essential. Your passwords are protecting your accounts, your applications and security tools in your business. Yet people are still using weak passwords across multiple accounts.
We have already written an article on how to set strong passwords. This will help you and your business set passwords that are impossible to crack. Start using them in your business and it will act as a very secure first line of defence.
Use Multi-factor authentication
Once you've set your strong passwords set up multi-factor authentication (MFA) to further protect your accounts and applications. Even strong passwords by themselves are not enough, your credentials could be leaked after a data breach. To further protect yourself use multi-factor authentication.
MFA requires an extra step of verification after using your passwords. You will have seen it already as most banks are set up with MFA now. You can find out everything about multi-factor authentication here.
Use business devices (where possible)
One of the biggest variables in cybersecurity are employees using their own devices. There are plenty of advantages for staff using their own devices but it can create an IT security headache. For starters, you don't know if the device has been infected or not and the owner might not know either. When they connect to your network they could infect the whole business.
Where possible have your staff use company devices even when they are working from home. That way you can better ensure the device is 'clean' and won't pass on a virus. If your staff have to use their own devices then install anti-virus on them and follow the next tip.
Use a VPN
A VPN has an important role in improving your online privacy. VPNs allow users to connect to private networks from the Internet in a secure manner. A VPN encrypts all of your internet traffic so that it is unreadable to anyone who intercepts it. This keeps it away from the prying eyes of any cybercriminals.
You will also need to consider how many licences you need for all your staff. You will also need to consider increasing the level of bandwidth to cope with the extra traffic.
Install updates regularly
Now you might find the need to install new updates annoying but they have an essential security purpose. Updates often include patches for security vulnerabilities that have been uncovered since the last iteration of the software was released. You will usually be able to set updates and patches to run automatically outside of work hours.
You will need to make sure your staff are regularly updating their devices. You will also need to ensure that the server in your office is still being patched regularly. It should be business as normal even if you're not all in the office.
Backup your data
Data can be lost in several ways, including human error, physical damage to hardware, or a cyberattack. Ransomware and other types of malware can wipe entire systems without you having a chance to spot it.
While hardware backups are still an option, one of the most convenient and cost-effective ways to store your data is in the cloud. Cloud backup services come with a wealth of options enabling you to customize your backup schedule and storage options.
Be aware of phishing emails
With the rise in the number of people working from home due to the coronavirus outbreak, cybercriminals are already looking to cash in on the trend. It’s highly likely that phishing emails will target remote workers in a bid to steal their personal information or gain access to company accounts.
If you do click a link and end up on a legitimate-looking site, be sure to check its credibility before entering any information. Common signs of a phishing site include lack of an HTTPS padlock symbol (although phishing sites increasingly have SSL certificates), misspelt domain names, poor spelling and grammar, lack of an “about” page, and missing contact information. You find out how to spot phishing emails here.
Communicate this to your staff
Your business should explain the technical solutions that you’ve implemented to protect sensitive data and how employees can comply with them. For example, we recommend earlier applying two-factor authentication to any third-party service that you use.
Make sure that staff know what to do if their device is lost or stolen. That includes who to report it to: staff who fear getting into trouble are less likely to report lost devices quickly, so make sure it can be done in a blame-free way.
Your cybersecurity will start to feel the strain now that your staff are out of the office and working from home. Mainly because it's been set up to protect you as you work in the office. So there are new steps you will have to take to make sure your business is still protected with your staff working from home.
Following these tips are a great start and will help remove some of the easy to fix issues you might face. For further help in protecting your business as you work remotely contact us today using the form here, email firstname.lastname@example.org, or call us on 01634 52 52 52.