AUTHOR: ROY SHELTON, CEO CONNECTUS GROUP
Remote-working is here to stay. A recent report by the Office of National Statistics, revealed that the proportion of hybrid workers in the UK market has risen from 13% in early February 2022 to 24% now.
The businesses my company works with say they like the fact it saves employees time and money on commuting, and also allows them to have more time with their families.
Yet hybrid working presents challenges too: not least in the shape of security. The ever increasing cyber security threats that exist to all types of businesses are now clear for all to see. More than one in three (36%) of all UK companies were last year subjected to some type of cyber attack. Even charities are being impacted in a significant way.
During a time of financial challenges it might be tempting for many companies to be considering cutting spending on areas like security, thinking they might ‘get away with it’. But doing so can create more expensive problems to fix in the future.
The pandemic has transformed the way businesses operate, with hybrid working models now the norm. But even though home-working is an intrinsic part of modern-day work culture, many companies are just not moving forward at the same speed when it comes to implementing effective policies that work for staff and employers.
These failures were illustrated in a recent report by Microsoft which underlined the challenges many businesses are still facing in this area.
So how can you tighten your defences, including around data privacy, in a remote work setting.
The key thing is being cyber secure, too many remote cyber attacks have been perpetrated via remote working across unsecured Wi-Fi at home and in coffee shops/ hotels.
Security is vital – you must have end user device security. Ensuring your staff are trained and aware of secure remote working and can identify and resolve threats quickly is vital.
If you have not changed your router password, now is the right time to do so. Not changing your password for long makes it easier for people to guess and gain access to your network.
Attackers usually write a password into their code while attacking your router, and if it works, the router is captured. Keeping the same password allows attackers to guess it and keep an eye on all the data you send online, making your official data prone to leaks and attacks.
Use Two-Factor Authentication. Organisations are now using two-factor authentication to add an extra layer of protection. In this method, the user needs to enter their credentials and then another piece of information; an OTP or answer to another question is mostly used for providing the extra layer of security.
If an attacker gets access to the user’s credentials, accessing the other piece of information is quite tricky. Some companies don’t stop there; they take two-factor authentication to a whole new level by using retina or fingerprint scans.
Try to not mix your personal and professional Life. Do not use your work laptop for shopping online or accessing your Facebook, and do not use your personal laptop for accessing your company data. Using personal devices for work can cause a mistake, which can prove to be costly. For instance, you can send a confidential official document to someone on your Facebook.
Lock Your Device. Someone can look at your work even if you’re taking a bathroom break. Thus, it is essential to ensure that your screen is locked whenever you leave your device unattended. There are low chances that this will happen with your family members in the house, but you cannot take any chances.
Working from home means that outsiders have minimal access to your room, but it is always good to lock your device. Even your child can delete a critical file by mistake. It should be needless to say that your device should be password protected.
Spot Scams. Remote workers should be aware while working as no protection is 100% secure. They can receive spam or malicious email aimed at tricking them into doing something that compromises the security of data. There have been several instances during the coronavirus pandemic where attackers trick users.
For instance, attackers might disguise themselves as someone from the IT department and send an email where the user is required to change his or her password, wherein they can get access to it. Verify such things by contacting the IT team; reporting such things will also protect other employees who are less vigilant.
Use a virtual private network (VPN). It’s always good to be extra cautious while accessing official data. This is because protecting your Wi-Fi with a password might not be able to offer the desired level of protection from outsiders.
Using a VPN encrypts your data automatically (regardless of your network settings), and outsiders will not be able to read it.
Employ an Antivirus programme. Companies do their best to protect devices from malware. They restrict employees from downloading applications, prohibit online access, install security solutions, and more. Following all these things becomes a bit trickier at home. However, you shouldn’t leave your laptop vulnerable to attacks.
To prevent your work laptop from attacks, it is best to purchase and install a trusted antivirus solution. You can opt for a paid as well as a free version of an antivirus. A free version is also capable of preventing your device from getting infected.
Finally, move to the Cloud. Opting for a cloud service provider to host your applications and data on the cloud is a great way for employees to work from home while ensuring the safety of the official data. The data is located at several locations around the globe, which makes it difficult to hack.
Most cloud hosting providers use the latest security standards and firewalls to prevent unauthorized access to their cloud servers. Also, they take care of your data’s physical security with multi-layer scanning when someone enters their facilities.