Author : Geraldine Strawbridge
Global concerns over the rapidly spreading coronavirus (COVID-19), has meant that many organisations have had to instruct their employees to work from home.
Since the World Health Organisation declared Coronavirus a global pandemic, there has been a concerted effort to contain the spread of the virus and reduce infection.
To protect employees and ensure business continuity, organisations have had to rapidly adapt to the situation and put in place plans to mobilise a remote workforce.
Of course, for many organisations, especially in the tech industry, remote working is not a new concept, but there’s no doubt that it presents a serious security risk that can leave business IT networks, systems and devices highly vulnerable to attack.
Cybercriminals will be quick to take advantage of any lapses in security, so it’s vital that employees can recognise the threats and vulnerabilities to their company’s information assets when working remotely.
To prevent the compromise of valuable company data, there are a number of security practices that employees should follow:
The Do’s and Don’ts of Coronavirus (Covid-19) – eLearning Video
1. Do not click on links or download attachments from unknown sources
Whether you’re in the office or at home, phishing remains the easiest way for hackers to steal your personal information and install malware on your device. Fraudsters will often masquerade as a legitimate business or reputable source to trick you into clicking on a link or downloading a malicious attachment. In recent weeks, there has been a massive spike in Coronavirus phishing emails as fraudsters attempt to take advantage of the public’s thirst for knowledge surrounding the virus. The phishing emails try to lure victims in with offers of cheap hand sanitiser and facemasks, advice from experts, miracle cures and generally any other hook that will entice a user to click on a link.
Warning signs to look out for include: a generic greeting, poor grammar, a sense of urgency, threatening language, a mismatched URL, spelling mistakes, special offers, or a request for personal information.
2. Use a VPN (Virtual Private Network) for extra security
A VPN, or Virtual Private Network, is a great tool to help protect your privacy online. It lets you browse the internet safely and securely by routing your connection through a server and hiding your online connections. It effectively encrypts all your data so that a hacker can’t tell what you are doing online, or where in the world you are located. Quite simply your data is safe and secure, and your internet activity is untraceable.
VPNs can be used on a range of devices including a PC, laptop, phone or tablet and it provides an extra layer of security to both private and public networks such as Wi-Fi hotspots. Users can safely work online without anyone snooping on their online activity.
3. Create strong passwords
One of the easiest ways for hackers to gain access to sensitive company data is to guess passwords. 60% of people use the same username and password for all their accounts so if hackers are able to gain access to one account, they can potentially access them all.
If you are one of the guilty few, you should immediately change your passwords before working remotely from home. A strong password should be between 8-15 characters long, a mix of uppercase and lowercase letters and include numbers or symbols. For extra security, a passphrase can be created which is a password composed of a sentence or combination of words. The first letter of each word will form the basis of the password and letters can be substituted with numbers and symbols to add a further line of defence.
When choosing a passphrase, avoid the use of:
- Your name in any form or any abbreviations
- The name of close relatives or pets
- Your username
- Birth dates or anniversaries
- Famous quotes
4. Regularly update anti-virus software
One of the most important ways to defend against cyber attacks when working from home is through the installation of up to date anti-virus software. Anti-virus software is the first line of defence in detecting threats on your computer and blocking unauthorised users from gaining access.
In addition to installing anti-virus software, it’s vital to ensure that your software is regularly updated to prevent hackers from gaining access to your computer through vulnerabilities in older and outdated systems. Ignoring these update notifications could seriously threaten the security of your organisation.
5. Avoid the use of public Wi-Fi
Using free public Wi-Fi is a risky business that can pose a real threat to the security of your business. Public Wi-Fi requires no authentication to establish a network connection, allowing hackers direct access to unsecured devices on the same unencrypted open network. Hackers can then steal valuable info such as login passwords, credit card information, personal information or they may install malware to spy on your online activity.
6. Activate Two-Factor authentication
If you don’t have two-factor authentication set up on your work accounts, now’s the time to start. Two-factor authentication offers an extra layer of defence in protecting the security of your email accounts. In addition to a password, two-factor authentication requires a second piece of information to confirm your identity. This reduces the chance of a hacker being able to gain easy access to your accounts.
There are a range of different two-factor authentication sites available that can be used for this process. Once you have registered, you can login into your accounts as normal and then enter your password. As soon as you do this, the two-factor authentication site will send a one-off code to your phone that you must enter before gaining access to your account.
7. Secure your home router and Wi-Fi
When you’re initially setting up your home network you will be asked to create a publicly visible network name, otherwise known as a SSID (Service Set identifier). Most devices are configured with a default network name that has been allocated by the manufacturer. You should immediately change the default name to make it more difficult for a hacker to know what type of router you have, thereby reducing the chance of attack.
You should also update your wi-fi software to protect the network security of your home. The router’s firmware like any other type of software can contain vulnerabilities that hackers will look to exploit. Most routers will not have the option of an auto-update so you will need to manually update the software to ensure your wi-fi is protected.