9 cybersecurity tips for staff working remotely

Daniel Strain 06-Apr-2020 00:00:00
Young man working at his desk while on a Zoom call with colleagues

In the current climate, companies have followed rules on “social distancing” and setting up their employees to work from home. Remote working is a great solution for most but without proper security measures in place, employees could leave their company open to cyber attacks.

In this blog, we share tips to help you navigate your remote working journey and keep you safe online!

What are the online threats to remote workers?

Before we dive head-first into the tips, let’s outline some of the online threats that remote workers should know about.

  • Unsecure Wifi networks: Most workers will work from home where they can secure their wifi. However, some may need to use unsecured public wifi (cafe, trains), a hot spot for cybercriminals to lurk and gain unauthorized access to sensitive information.
  • Using personal device and networks: Some workers may have no choice but to use of personal networks and devices. These will most likely lack the level of security (anti-virus, firewalls etc) your office devices/network. This increases the risk of malware finding its way onto devices and both personal information and work-related sensitive data being leaked.
  • Phishing: We have already seen an increase in the number of phishing attacks during the pandemic. So it is safe to assume we will likely see an increase in malicious campaigns targeting remote workers.

Remote working tips for staying cyber safe

It’s also worth checking with your employer to see if they have any protocols or a remote working policy in place.

Download Our Free Remote Working Policy Guide

If not, here are some simple steps you can take to protect yourself while working from home:

Use strong password protection

Make sure your accounts are protected by using strong passwords and never use the same password twice. It only takes one compromised password for someone to gain access to all of your accounts.

It’s near impossible to think of and remember strong and unique passwords for every account your make, you could have hundreds. This is where password managers come in handy. A password manager can generate and store all your passwords without you ever needing to remember them yourself.

MyGlue and LastPass are two good examples to use!

Enable multi-factor authentication (MFA)

Even if you follow best practice with passwords, passwords themselves are a constant risk and may eventually be cracked. To eliminate this security risk, turn on Multi-Factor Authentication (MFA) for you and your colleagues.

MFA is a security process that requires the user to provide more than one method of authentication to verify themselves for a login or other transaction. Only granting access only after successfully presenting two or more pieces of evidence to an authentication mechanism. Read more about Multi-Factor Authentication here!

Use a VPN

A VPN isn’t just used to get around geographically restricted content, it is also good at increasing online privacy. When you connect your computer, smartphone or tablet to a VPN (Virtual Private Network), the computer acts as if it’s on the same local network as the VPN.

But be careful which VPN to trust, not all of them are nice! Some could leave your device riddled with Malware. If you’d like some advice on which VPN is right for you, check out VPN Ratings post for advice.

Set up firewalls

Firewalls act as a line defence to prevent threats from entering your computer system. They create a barrier between your device and the internet by closing ports to communication. This can help prevent malicious programs from entering and can stop data leaking from your device.

Your device’s operating system will usually have some form of a built-in firewall, just make sure that yours are enabled!

Activate antivirus software

Although a firewall can help, it’s inevitable that threats can get through. Good antivirus software can act as the next line of defence by detecting and blocking known malware (malicious software).

Even if malware does manage to find its way onto your device, an antivirus may be able to detect and in some cases remove it.

Keep on top of install updates

Updates for device software can be annoying and often pop-up right when we’re in the middle of something, but they are highly important! Updates often include patches for security vulnerabilities, meaning if you don’t update you are leaving yourself open to cyber threats.

Most of the time, you can set updates to run automatically during your downtime – when you’re sleeping or over the weekend.

Back up all of your data

Human error, physical damage to hardware, or a cyberattack can all lead to the loss of important business data. Ransomware and other types of malware can wipe entire systems. One of the safest and cost-effective ways to store your data is in the cloud.

If your business isn’t operating on a cloud-based system yet, now is a great excuse to start. Not only is it more secure than a physical server, but it also gives you and your colleagues the opportunity to work on files from anywhere, at the same time.

Be on the lookout for Phishing

Phishing emails, as well as voicemails (vishing) and text messages (smishing) are used to “phish” for information. Often used in social engineering campaigns to use information criminals can learn from your social accounts, to gain access to a mailbox and from there send unsolicited emails on behalf of the unwitting victim.

Whilst phishing has evolved to use complex techniques, there are a couple of key indicators which if you learn and keep in mind you can drastically reduce your chances of being phished. Here’s a couple of our favourites!

Leaving your device? Lock it

And last by not least, locking your machine is a basic but easy-to-forget step. Even if you are stepping away for a second, make locking your device part of your routine before leaving the desk. This will be beneficial when returning to the office. It’s a simple part of security that will pay off!

If your business is looking for cyber security support for remote working, get in touch, we would love to hear from you!

Have a query? Contact the team today!