Share this article to start the conversation on SME security:
With the rise in reported cyber attacks since the emergence of COVID-19, professionals were forced into a more vigilant way of working, often from different environments and systems. A substantial proportion of the population are now welcoming part-time work from home (WFH) practices and it is important that these working environments are just as secure (if not more) as those back in the office.
Initially, companies faced a rush to WFH in a panic, with little care taken to secure practices in the process. However, now that the initial pandemic shock has passed, the time has come to ensure your WFH set-up is efficient, resilient and secure for long-term activity.
In no order of importance, the following 5 steps are those which we would encourage any business to use when securely working from home:
With the majority of emphasis held on digital security, it is vital that physical security doesn’t go out of the window – quite literally. Opportunistic cyber criminals will be searching for ways to steal your data and this may take form through physical theft.
To reduce the risk of physical security breaches when out of use, ensure you lock all systems, close all windows and hide all devices from plain sight when not in use. When in use, install 2-factor authentication (2FA) or multi-factor authentication (MFA) password security to add that additional step between you and a potential cyber criminal.
As files are created and saved onto your desktop, the chances of a data breach dramatically increase. Securing your files has never been more important.
To protect against ransomware maliciously encrypting your files, use synchronisation technology that can quickly restore your files to the last good copy, whilst also facilitating secure file sharing with others, rather than using less secure methods such as email. To protect against data theft, Microsoft’s Bitlocker (free with Windows 10 Pro) or similar to encrypt your device at home – this will prevent thieves from accessing your company’s data.
Similar to file synchronisation, having remote connections from your desktops and mailboxes are also critical for secure homeworking. This enables all work to be hosted in a different location to the local device.
By using remote hosted services, only users with authorisation will have access to your information, minimising the risk of a security breach (especially when used in combination with two or multi-factor authorisation).
When you are working from multiple devices (e.g. your home desktop, office desktop and mobile device), it is critical that threats are being proactively monitored from all ends.
Optimal security from multiple devices can be achieved using endpoint security and management. Services as such allow threats to be monitored and discovered before they have the opportunity to affect your workflow, critical when staying virtually connected with your colleagues.
In the course of the pandemic, numerous businesses and agencies have fallen subject to the scams held by cyber criminals. One scam that took many by surprise was that of the ‘GIF’, hosted through Microsoft Teams.
To many working from home, Microsoft Teams has been a life-saver and the GIF was just a short animation sent to colleagues to lift spirits within this crazy time. Thanks to CyberArk, the dangerous GIF never became an issue. However, this acts as a reminder that even the most ‘harmless’ of features could turn malicious without appropriate cyber controls.
If unresolved, even looking at the malicious GIF without interacting with it could have scraped the user’s data. This is why we recommend all employees not only keeping up-to date with the latest news in cyber security, but also actively watching for cyber threats.
By ensuring that all employees have adequate knowledge of what a cyber threat could look like for them, the company’s overall work from home security will improve. This can be achieved in numerous ways, from hosting cyber security training to having open discussions about the steps all employees should be taking to achieve quality work from home security.