Security Threats Presented to Businesses When Working from Home

Security Threats

Ensuring that the Information is Treated Confidentially

  • Companies need to take into consideration whether it is absolutely necessary for staff to take home or access hard copy files. When it isn’t needed then scanned copies that can be accessed from their devices should suffice.
  • When a hard copy is required a record of any documents taken home should be kept and your employees need to be able to confirm that they are stored or disposed of in the correct manner.
  • Employees will need to be trained in cyber security, in particular logging out of their device when it is not being used and ensuring the location which the data is being accessed is secure and private.
  • Refresh your staff’s training in the existing data protection policies in place and understand that their confidentiality obligations are still in place when working remotely. If there are any amendments to policies to allow for remote working staff should be informed right away.

Protecting the Organisation Against Cyber-attacks

  • Assess your current security procedures and ensure that all of these are being implemented regardless of remote working.
  • Encryption is a valuable tool in blocking outsiders from accessing any data even if a device is stolen or lost. If the worst does happen the device should be accessed remotely and wiped.
  • Members of you IT team should communicate with other staff on how best to remain secure and alerting them of particular scams that are circulating etc.

Even with the upheaval at the moment with all that is going on in these unusual times GDPR is still a priority. Many things have changed but that has not. If you need any advice please feel free to contact us.

Managing Cyber Security when Working Remotely

Currently we are all being encouraged to work from home. While that is not always possible, for those that can there are important points to consider when working remotely in order to securely manage data. Here are 8 strategies I found particularly useful.

Working Remotely
  1. Keep personal and work separate and stick to your own devices.
    Try to have separate devices for your work and personal life. Having a dedicated work device is much more secure for the company. While not always possible best practice would be for the company to supply the required devices.
  2. Have a Cyber security policy.
    Have a clear expectation for cyber security when working from home. If the company has their own devices this can be easier to control as they will be responsible for virus protection software and how files are encrypted etc. This is not always possible therefore it is necessary to check the state of the device an employee will be using. Are you assured that their virus protection is up to the standard necessary?
  3. Do not open unfamiliar emails, files or links.
    Opening things from unfamiliar sources can be catastrophic when working from home. Your clients and employees are instantly put at risk and there is a multitude of methods that can be used to steal data from them.
  4. Encrypt your data.
    Encrypting data means that if a person doesn’t have the correct passcode then they cannot read the data. When working from home, data will regularly be sent back and forth between employees, if it is encrypted it is less likely to be leaked.
  5. Have a secure password.
    Your password cannot be simple. It needs to consist of uppercase and lowercase letters, symbols and numbers. It is best if the password has no connection to the person or company e.g. shredding1 would not be the best choice of password for me.
  6. Keep up with the updates.
    Regularly let the computer do updates. Updates are vital for ironing out glitches and security risks that have been identified.
  7. Do not connect to a public/open network.
    If you require internet and you are out and about away from home and work then using your phone as a hotspot is a better solution than connecting to an open network. Connecting to an open network can allow anyone on that network to access your data.
  8. Back up data regularly.
    Some viruses are destructive and may not even steal any information. There are viruses that allow files to duplicate until your pc is so packed that you can’t even turn it on. Others aim to wipe your entire hard drive. Always back up your data to a secure drive. Either an external hard drive or a cloud-based file system that the company uses.

Should the worst happen, and the data is compromised it is important to report it to the relevant authority within your company.