Millions of workers around the world have begun working remotely in the last year, as the coronavirus pandemic continues to challenge the business world. According to a survey by Deloitte, 41% of workers believe they are more productive when working from home, so this new way of working has brought several benefits. However, there is a downside, especially in regards to cyber and data security.
Cyber security has become a huge concern for many companies over the last two years. Having a remote workforce means that there is a greater risk of employee and client data being compromised, which can do huge damage to a business’s reputation. In fact, research from the Department of Digital, Culture, Media and Sport has found that 32% of UK businesses do not feel confident dealing with a cyber security breach – quite an alarming statistic!
Thankfully, there are some easy steps you can take to maintain your organisation’s cyber security when working outside of the office. Keep reading for our advice on what some common risks associated with working remotely are, and what you can do to avoid them.
Avoid using personal devices if you can
According to Cisco, 46% of employees admit to transferring files between their work and home computers when working remotely. Many companies also advocate ‘Bring Your Own Device’ policies, which allows staff to complete their work on the devices they already own and are familiar with. Although this is a tempting option, and an easy solution when it comes to managing a remote workforce, you should avoid doing this where possible, as it could lead to problems in the future.
For example, if your employee’s personal device is lost or stolen, any company data they stored on it is now in unknown (and potentially malicious) hands. Additionally, if these devices are shared with their family or other household members, these third parties might also gain unauthorised access to sensitive information, which is difficult to monitor. Finally, if an employee leaves your company, there is no guarantee that they will remove confidential data from their device, and they could deliberately cause a breach if their employment ended in less than ideal circumstances.
However, in some cases, having employees use their personal devices may be the better option. Advantages might include the convenience of everything they need being on a single device, and saving company money by not needing to buy equipment for every employee. If your employees have to use their own devices, you should encourage them to make sure these are regularly updated and stored safely away when not in use.
Secure your online meetings
If your team regularly meets over video or audio calls, you should take measures to ensure these meetings are protected from any uninvited guests. One recent phenomenon that has brought disruption to countless online meetings since the beginning of the pandemic is ‘Zoom bombing’. This is when online trolls or hackers enter a conferencing call with the intention of disrupting a meeting, and in many cases they may share obscene or offensive material to intimidate or harass other participants.
Fortunately, many video conferencing platforms have introduced tools to help prevent these attacks. For example, hosts can set passwords that participants have to enter before joining meetings, or they can turn off the chat or screen sharing functions. Take the time to familiarise yourself and your employees with these tools, as this will help keep you and your employees protected from these attacks.
There are also some measures you can take in person to ensure online meeting security. If you know sensitive information is going to be discussed, make sure you are in a private space where you won’t be interrupted or overheard. Wearing headphones will also help ensure that anything said in the meeting is kept private between you and the other participants.
Be cautious when working in public places
Some people might prefer to work in a quiet space like a library, or somewhere with ambient background noise like a café to keep them focused. If you are someone who enjoys working in these public places instead of your own home or the office, you need to be extra vigilant, as you are even more vulnerable to falling victim to a cyber security attack.
There are several cyber security risks associated with working in a public space. Firstly, leaving your device unattended puts it at risk of being stolen, and any data you store on it being compromised. In addition, any calls you answer will be within the listening range of strangers, who could overhear sensitive information. Finally, the most serious risk comes when using free public wi-fi. These servers generally lack protection, which means any malicious actor can very easily hack into these networks and gain access to your device.
However, by being aware of your surroundings, you can easily avoid these threats. If you are expecting any calls, try to take them in a private location, and take any valuable belongings with you while you’re away from your workspace. If you plan on using public wi-fi, make sure you have a good antivirus software installed, and you might also want to consider using a VPN for an extra layer of protection. Just like in any other scenario, if something doesn’t feel right, trust your gut and relocate your workspace to somewhere that feels safer. Cyber security when working in a public space is also a matter of personal security, so by taking these steps, you can help prevent yourself and your company from falling victim to cybercrime.
Working in a public space like a café might help you to stay focused, but this can come with additional cyber security risks to be aware of.
Secure your network
You might assume your home wi-fi is safe to use, but without the right protection in place, you will be making yourself vulnerable to a cyber attack. Home networks generally lack encryption, so any data sent in an unencrypted form could easily be intercepted and stolen by a cybercriminal. Having a strong and unique password for your router is one way to prevent unauthorised access, but a VPN will again provide an extra layer of protection when accessing work data outside of the office.
Making sure your devices are up to date with the latest hardware and software patches will also go a long way in keeping your data safe. Any device you use for working remotely should be regularly checked for updates. Some older devices no longer receive updates, so you may also want to consider investing in newer equipment to ensure that you and your company are fully protected from any cyber threats.
Practise training, awareness, and vigilance
According to Tessian, the most common type of cybercrime last year was phishing. This is when an attacker poses as a trusted individual or organisation to either trick their victim into giving sensitive information, or to implant malicious software onto their device. Verizon reports that 96% of all phishing scams happen over email – which means that in the vast majority of cases, these attacks are preventable.
Cybersecurity training should be an essential part of any role that involves the use of computers or other devices. However, this need is even more vital when you have remote employees, as they could be giving hackers access to your company’s network and data without even knowing it. Make sure these employees fully understand what programs and tools they should use (for example, what platform to host conference calls on), and what processes they should follow at the first sign that their accounts or device may be compromised.
If you’d like to find out even more ways to keep your business cyber secure, check out our post with our top 10 ways to protect yourself and your company online here!
Final thoughts
Remote working opens up a world of possibilities to your employees, and can actually help improve their productivity, engagement, and morale. However, if you plan on having your staff work from home, you need to take extra caution to make sure they (and you) are practising good cyber security behaviour. We hope this article has shed some light on this topic, and you now feel confident in avoiding some of the most common cyber security risks.
