re your remote and hybrid workers cyber secure?
Since COVID-19, the scale and speed in which industry has adapted to a more hybrid approach to working is phenomenal. These new ways of distant working will have left many exposed to the threat of cyber-attack. This blog has explain key steps that can be taken to ensure cyber secure remote working.
10 Steps to protect your business
1. Install Anti-virus
Install anti-virus software on all devices to protect your business from both viruses and malware. Most operating systems now come with built in anti-malware capabilities but you should ensure that this is appropriate for your needs. Ideally your installed antimalware software should update daily to protect against emerging threats.
2. Enable Firewalls
Create a buffer between your network and the internet to provide good protection from cyber attacks. Most computers will have built in firewall functions which should be activated.
3. Update Operating Systems and Applications
All devices and all applications must remain updated at all times. Most devices and applications prompt users when updates are available and usually allow users to set automatic updates.
4. Strong Passwords & Two-Factor (2F) Authentication
Set strong passwords for user accounts and enable 2F authentication as an extra layer of security where available.
5. Secure Video Conferencing
Many popular free video conferencing services aren’t end-to-end encrypted and expose you to the risk of criminals accessing your calls by ‘snooping’. Limit this risk by always using meeting passwords and opting for services with enhanced security, configuration and privacy features.
6. Limit Removable Media Usage
In order to avoid data loss and limit exposure to malware, permit only sanctioned products and disable the use of all other removable media. Ideally you should encourage alternative means of data transfer making use of available online tools and products.
7. Controlled Access to Corporate Systems
Use Virtual Private Networks (VPNs) where feasible to allow home workers to connect securely to corporate networks. If a VPN is not available, you should ensure that workers have secured their home networks by changing router passwords from the manufacturer’s default to new strong passwords. You should also carry this out on other networked devices such as printers, scanners, or smart TVs.
8. Personal Device (BYOD) Security
Implement all of the steps listed above on any personal devices used for business purposes. Control and manage these devices through an appropriate company policy.
9. User Education
Organisations must educate users on how to keep their devices and software up-to-date and detect email scams. They should advise users to maintain privacy by turning off device cameras and microphones, and to store their devices and company data safely when not in use.
10. Incident Management Procedure
There should be a clear and simple process for any user issues, for example when a device is lost or stolen, or a user accidently clicks on a suspicious email.
Our team of experts will be happy to answer any cyber secure remote working questions you may have and provide you with confidential advice on how to protect your security.
