Cyber security for remote working

It’s been two years since the start of the global Covid-19 pandemic, and so organisations are finally preparing for life in a post-pandemic world. One of the many issues they’ll have to address is IT security for remote workers. The huge shift towards remote working led to a 600% increase in cyber attacks. These attacks looked to exploit panic from both employers and employees as businesses scrambled to keep business objectives on track.

Remote working comes with myriad dangers for both employers and employees, with employees relying on their home networks – and sometimes their own devices to complete work-related tasks.

According to the Velocity Smart Technology Market Research Report 2021, 70% of remote workers said they had experienced IT problems during the pandemic, and 54% had to wait up to three hours for the issue to be resolved. Yet, for better or worse, remote working is here to stay, with the benefits simply too appealing to employees.

A Gartner survey found that 47% of organisations will give employees the choice of working remotely full-time once the pandemic is over, and 82% said employees can work from home at least one day a week.

If you’re among the organisations giving employees that choice, you must take the time to review whether your remote working practices are suitable, and look to enforce stringent policies in order to ensure your business and your employees are secured against cyber attacks. Whether or not you have escaped unscathed so far, all remote workers should take note of the following list of security best practices for home workers.

1. Secure your home environment

   When setting up a work from home environment, try to designate a specific room or area as your home office. Make sure that private conversations remain private by turning off virtual assistants such as Google Nest and Alexa.
   Ensure that all work devices and company information such as paper files or external storage devices are kept locked away and out of sight when not in use.

2. Lock screens

   When your workday is over or when taking breaks from your work environment, ensure that screens are locked. Don’t leave company laptops in plain sight unattended.

3. Set strong passwords

   Passwords are essential to robust cyber security (see https://arxall.io/news/resources/implementing-a-secure-password-management-system/ for our top tips on strong passwords). take a look at our best practices and password advice here.

4. Keep work and home devices separate

   Don’t use work devices for personal activities such as downloading apps or conferencing tools without IT agreement. Be disciplined in using personal devices for personal internet browsing.

5. Connect via VPN

   Always connect through a VPN to ensure your internet connection is encrypted and your information and online activity are secure. Your employer should provide you with a VPN when working from home.

6. Be aware of your privacy

   If hosting calls, ensure you enable the waiting room so you know exactly who will be joining your call. Blur your background on calls or be mindful of what’s in the background of your webcam.

7. Secure Wi-Fi access points

   Verify wireless routers use WPA2 and ensure they’re protected with strong passwords.

8. Be aware of phishing attacks

   Organised crime groups are capitalising on the disruption of the pandemic to target people working from home with a range of scams. Look out for emails that:
   — Start with a generic greeting like “Dear Colleague” or “exaple@yahoo.com”
   — Have poor grammar or spelling mistakes
   — Solicit personal or financial details
   — Demand action with a threat or time imperative
   — Ask for charitable donations via unusual channels
   For any email that you find suspicious, always double-check the sending email address. Scammers will often attempt to contact victims with an email address that looks similar to that of a known contact.

       E.g John.davis@malven.com (genuine)
       John.davs@malven.com (scammer)

9. If you click on a suspicious link;

   Don’t panic and follow these steps:
   — Open your anti-virus software and run a full scan. Carefully follow any instructions given.
   — Contact your employer’s IT department to talk you through what you need to do next.
   — Change your password immediately if you were tricked into providing your password.

Summary

Whether your staff are working in the office, at home, in shared working spaces or anywhere else, you need to manage security risks. Working from home can bring with it many benefits for your business and employees, but it must be undertaken with safety in mind. Security must be a top priority and no corners should be cut in an attempt to increase efficiency. Education is key and robust security starts with your workforce.