Keeping Home Workers Cyber Secure

Working from home has increased the threat of cyber attacks

On March 23rd, the whole of the UK went into lockdown. It was sudden and left the majority of businesses little time to prepare, not least the nuts and bolts of cybersecurity when it comes to working remotely.

The majority of workers have had to rely on supplying their own IT equipment, Wi-Fi and security systems, most of which are standard antivirus software and firewalls. With no security awareness training in place, many workers are using the same login details for every account they sign into online and probably the vast majority of us use the same login details for our email as we do for many other accounts. Even though this is not a perfect scenario for anyone in regard to their personal cybersecurity, when it comes to sensitive work data, it is far from adequate and leaves businesses wide open to attack.

Hackers have upped the ante…

Cyber-attacks targeting homeworkers rose from 12% before lockdown to 60% just six weeks later. At the beginning of May, Darktrace detected ‘a large malicious email campaign’ aimed at UK businesses telling employees they could opt to be furloughed if they signed up to a specific website. And this is just one example of many.

What can remote workers do to reduce these cyber threats?

Organisations have to consider how they can prevent data loss caused by risky remote-working behaviours.

The very first step is password management. Go through both your personal and business logins and change your passwords, using computer-generated ones that are strong where possible. Doing this once is not enough. Your passwords should be changed on a consistent basis as this is one of the best defences against cyber hackers.

Use two-factor authentications where possible. This adds an additional layer of security as logins have to be authorised through other means. It is best, where possible to use a different device completely to the one you are working from such as your mobile phone.

Check your antivirus software and firewalls. Are your subscriptions up to date and are you using the smartest technology that is available?

Back up your work regularly to either a cloud or external hardware. If you suspect your computer has been hacked, the first and most important thing to do it to wipe it. If you need to take time to back up all your files, you are laying yourself open to more risk.

Home Wi-Fi is not secure enough for sensitive company data. Using a VPN (Virtual Private Network). This will give you online privacy and by creating a private network from your public connection. VPNs use encryption to scramble data when it is sent over a public Wi-Fi network. This encryption makes the data you are sending unreadable.

Final Thoughts

Although there are many practical things both remote workers and their organisations can do to make their online working more secure, the most valuable tool in any company’s armour is training and creating awareness. The majority of breaches are caused by employee errors. Good employee training could see you well on the way to combating bad actors.

Here are some helpful resources when it comes to protecting your data:

https://ico.org.uk

https://www.ncsc.gov.uk