• 5 quick cyber security tips for home working

The COVID-19 coronavirus pandemic has presented cyber criminals with the ideal environment to thrive, capitalising on the anxiety, good-will, and sense of emergency, of individuals and businesses alike.
 

Additionally, the rapid and unplanned uptake of home working has undoubtably created more opportunity for criminals in the rush to keep organisations up and running, for example, old or user-owned devices being utilised that may not have up-to-date software.

We recommend attending one of our webinars about how to keep data secure during home working for a deeper look at the security issues you need to consider, and how to tackle them.

 

In the meantime, here are five things you can do right now to improve your security:
 

1. Review your password policy; reinterate it to your users

Your Group Policy likely already mandates regular password updates, minimum length, including a mix of numbers, letters and symbols which should prevent such classic password fails such as ‘123456’ or ‘password123’; if you haven’t got these in place, start there.

Even with this policy in place users often still choose a simple, obvious, or regularly used password because they’re afraid of forgetting something more complex. To help them out, you need to remind them why it’s important and give them some methods to choose a password memorable to them, but hard to guess. There’s some tips about generating strong passwords at the end of this article.

Additional steps include reminding users to not write passwords down or share them with others and making sure that your organisation’s security policy documents are up-to-date so users are clear that these are rules rather than requests.
 

​2. Turn on multi-factor authentication (MFA)

Compromised credentials are a common way to access networks remotely, and because the user activity seems normal, it may take a while to realise that you have a breach. MFA adds an additional layer of authentication to prevent this happening by combining the user’s password with another form of verification, which includes things like codes sent via SMS, and facial recognition.

Many organisations will already have the functionality available and just need to ensure this is set-up correctly. For example, MFA is included with Microsoft accounts and if you’re using Windows Hello for Business, then you’re already using two-factor authentication.

Whilst this might make logging into a new device take a little longer for your end users, it’s a quick and effective way to reduce the risk of unauthorised access to your network.
 

3. Ensure personal devices being used for home working are secured.

A lack of availability of laptops has meant many workers accessing networks from home using their own devices and equipment. It’s important to check that all devices used for work purposes are using up-to-date OS, are patched, and have a sufficient level of anti-virus running.

Remind users not to connect to unsecure open or free networks to access the internet, and make sure that their WiFi router’s default password has been changed to something secure. You may need to give some instructions or even get your support team to talk them through this.
 

4. Back up your data

Cyber attack, human error, damage to hardware – there are many ways to lose data, and businesses regularly do. This impacts your ability to work, your credibility and may even put you in breach of data protection regulations. But the right back-up solution can get you back to work quickly, even when faced with a ransomware attack.

Whilst many still rely on backing up to hardware, increasingly organisations are shifting critical back-ups to the cloud which offers a number cost, scale, security and access benefits. And you can put this in place pretty quickly too. Considering back-up and recovery solutions but not sure which option would be best? We’ve pulled together a comparison of traditional vs non-traditional disaster recovery to help you make a decision quickly.
 

5. Provide ongoing comms & support around security to users

Cyber attack attempts are on the increase, with criminals targeting your users to find a way to breach your network. Your users are your first line of defence, so give them a heads up about what to be on the lookout for; send some examples of suspicious emails and activity, and give them clear guidance about what to do and who they can contact about anything suspect.

Make sure that managers are aware of the correct processes, highlighting the key areas for them to keep an eye on e.g. using company file sharing, software and tools, rather than sharing via email or less secure channels outside your network.
 

For more in-depth cyber security guidance, including threat overview, key stats, as well as the solutions and approaches you can take to become more secure, request a copy of our ultimate guide to cyber security via the form on the right.
 

You may also be interested in: How to make your data more secure: Classify it



 

Four Reasons Your Office 365 Data isn’t as Safe as You May Think
 

 

Request The Ultimate Guide to Cyber Security:

 Security code
 

Recent Articles

 Contact centre

 Contact Centre

 
 Call Us

Speak to Sector & Technical Experts

 0800 015 7299
 Customer IT Support
 0121 248 7932
 Live Chat

Want to talk to an advisor?
Click the chat button below