Staying cyber secure with your team working from home

Business Insights

Although some restrictions are easing, it would appear that many of us will continue working from home for a substantial portion of the time.

Changes in working patterns seem to be here to stay as workers increasingly report a preference for more flexible working patterns. Such fundamental shifts in how we communicate, collaborate and share information have necessitated an equally fundamental shift in the way we all need to understand the importance of cyber security.

Awareness, is the best protection. Introducing regular security reviews and audits will help everyone to be vigilant and have a constant awareness of cyber security risks. It will also identify and plug any gaps in your armour and help to enforce and lessen any potential threats before they arrive.

Human error is the biggest cause of cybersecurity breaches, so it is essential to train staff in cybersecurity best-practices even when they are working from home. To do this, create cybersecurity guides and ensure that employees read them regularly. This should be combined with remote training using tools such as Microsoft Teams.

Hackers and malicious operators are taking full advantage of the fact that many of us are working on devices that are less secure than the ones in the workplace. Also, because of a general lack of cyber awareness, we are, when working from home, apparently much more likely to click on a dubious email. As a result, it is suggested that as much as 80% of Ransomware attacks occur as a result of an end user clicking on a wrong email.

Phishing attacks are on the increase too as cyber criminals expand their activities, to take advantage of our fears, and Covid has opened up a whole new area of opportunity for them. Phishing attacks are three times more likely since Covid, with a variety of phishing campaigns taking advantage of the heightened focus on COVID to distribute malware, steal credentials, and scam users out of money. Scamming and brand impersonations account for 88% of these phishing attacks.

So, what can businesses do to protect their valuable data and their employees. First and foremost, as a business, you must make sure that remote workers are offered the same level of protection as they are when in the office, and that your systems and process are designed for working from home.

Ideally, make sure that all employees are using a work computer, laptop, tablet and smartphone and not their own personal devices. Changing devices for End User Devices will allow you to bolster control of the device, its data, authentication, security and interface protection. It also means your technical support teams can remote access end user and network devices to quickly resolve any issues. Restrict user controls with advanced threat protection on these devices too. This helps to secure your business data by enforcing stricter user controls.

Employees should be able to use your company’s VPN when working from home, and you may need to increase bandwidth to accommodate a rise in traffic. Ensure that your VPN solution is secure and stable and, as part of this, that your company firewall has built-in VPN capabilities.

The greatest challenge facing businesses over the coming months and years is facilitating both remote and office-based working while ensuring they are protected from an IT perspective.

The single most important thing you can do is to switch to cloud networks and computing. By migrating to the cloud, businesses can offer safe and secure remote and office-based working, with the option to scale up and scale down usage in line with their needs at the time. For example, it might be that for the next two months staff continue to work from home, putting additional pressure on the company’s VPN and network. But then as more employees return to the office, this pressure is reduced and so too is the bandwidth required to power VPNs and networks.

With the cloud, businesses pay for what they use so over the coming months may need to increase their investment in cloud bandwidth, but then reduce it when employees are back.

It is key to ensure cyber security by embedding cyber awareness and procedures into all your company practices, not just as a one-off reaction to current challenges, but as a regular part of all your company training and practices moving forward.