Stay Safe Online Working From Home
21st April 2020
Since the beginning of the Covid-19 crisis people have repeated the phrase "Stay Safe" sincerely to each other, with personal health and well-being foremost in their minds. But several weeks into the lockdown phase of the government response it is a phrase that can be applied to our cyber health too.
National figures from the Office for National Statistics "Coronavirus and Homeworking" report suggest that only 30% of the UK workforce has ever worked from home before. This first experience of home working for an enormous number of employees and employers had to be executed at short notice. In addition to transitioning away from a trusted office environment, new tools and methods to stay connected as a team were tossed into the mix.
Robert Dalziel, virtual Chief Information Officer at Tycom, "If ever there was a time to demonstrate how technology can support home working effectively, this is it. Putting it into practice however, has meant end users have had to overcome, or work around, hurdles they probably hadn't considered before such as home security or the compatibility of networked office kit in an environment where wireless access is preferred. Broadband speed, adequate software licences and access to shared resources can all be taken for granted when working in an office, but they can significantly impact productivity levels from remote locations if not properly specified."
"Employees may have been introduced to new tools with little notice too and it can be really easy to avoid using these in favour of less secure, but more familiar, group chat or video conference facilities."
If ever there was a time to demonstrate how technology can support home working effectively, this is it.
Opportunistic digital criminals are using the Covid-19 crisis to exploit user vulnerability. Barracuda Networks has reported a 667% increase in malicious phishing emails (which trick users to reveal personal data) and Google is reportedly blocking more than 100 million phishing emails a day on its Gmail service.
Declan Doyle is an Ethical Hacking Expert at the Scottish Business Resilience Centre. Addressing cyber security from a defensive point of view, part of Declan's role is to raise awareness, share advice and deliver training to SME businesses in Scotland.
We asked Declan what actions employees working from home could take to stay safer online:
Updates
Whether working on your personal device or work computer, don't ignore messages from your service provider or IT support team about operating system and internet security updates. These patches make it less likely you'll fall victim to a cyber target.
Passphrases
Stop using passwords and start using passphrases. One word is no longer strong enough protection. Look around your new working space and choose 3 or 4 words from what you see and make a phrase out of it. A password management system can help you create and retain complex passwords for every site or subscription service you use.
Social Media
Manage your social media privacy settings and take care which photos you post. Recently, these channels were full of images showing off new home working arrangements and included written post-it notes, documents, spreadsheets and computer screens with video conference ID codes clearly visible.
2FA
Follow the security best practice of your organisation and incorporate two factor authentication (2FA) whenever possible. [We followed Declan's advice and included 2FA on our Linkedin profiles, go to Personal Profile> Settings > Privacy].
Video
There's been a huge spike in video conferencing, use the optional functionality of meeting passwords and virtual waiting rooms to avoid unwanted visitors!
Backup
Protect the documents you are working on by backing them up to your employer's remote server, don't save them locally.
Separation
Keep work life and personal life completely separate. For example, many of us are home schooling right now, but educational software and websites are easy targets for cyber criminals.
Phishing
Don't panic if you receive alarming or suspicious emails, even if they seem from a trusted source. These phishing emails can be very damaging, take the time to verify their authenticity, double check by phone if possible.
Robert Dalziel, concludes, "As we gradually transition from home back to the office environment, part of an employer's contingency planning should include continuity reviews and re-establishing consistent standards across their systems and IT infrastructure. I believe there will be a complete change of mindset about working from home and that will facilitate better training across applications such as Microsoft Teams and SharePoint On Line, enabling a more digitally sophisticated workforce in the long term."