The majority of businesses now need to consider how they can implement remote working at a moment’s notice. In March 2020 the switch was unexpected and led to plenty of teams working in a disorganised and potentially unsecure way.
The cyber-security impact of this rapid switch to remote working was massive, with cyber-attacks increasing by over 20% in the UK. Attacks during this period were overwhelmingly targeted towards businesses who had staff working remotely. Remote working opens new vulnerabilities that wouldn’t exist for businesses otherwise. Cyber-attackers are usually not the lone hackers that you’d expect. They’re complex organisations that know how to exploit any weakness that a business has, including remote workers.
With flexible working now simply business as usual, many new employees are demanding access to some form of flexibility, and with the potential for Covid restrictions to tighten again, businesses need to know how to stay safe. At Biscuit, we have valuable experience helping teams in a number of industries to handle cyber-security threats.
Remote working can be a safe, secure and practical experience but only if you use the right tools and follow some important best practices, here are our top tips.
Take a closer look at the devices you use for work
While sophisticated malware can be a big threat, the majority of cyber-attacks on small businesses simply take advantage of unsafe devices. A study showed that 39% of new homeworkers access work data on unsecure devices. We understand the appeal of using personal devices for work. It’s great to be able to react to situations quickly, or even just check your emails. However precautions need to be taken.
First, all home devices should be vetted by your IT department, or an IT management team like ours here at Biscuit. From here you can guarantee that these devices are working with adequate protection, such as firewalls and our IT blacklist service. This blacklist automatically blocks the IP of any site from around the world that we or one of our partners have discovered a security breach on.
Finally, it’s important to make sure that employees are using a secure network. Public WiFi or home connections with weak passwords are incredibly unsecure and pose a major security risk.
Learn how to detect phishing attempts
Since the start of this year, reported phishing attempts have risen by 600%. This startling increase is partly due to would-be cyber-criminals cashing in on the uncertainty caused by the pandemic. Phishing attempts are usually made via email and are designed to fool people into handing over company details or sensitive data. These emails are usually relatively easy to spot. However, working from home raises new challenges.
In the office staff are more likely to ask their colleagues for a second opinion when they receive a suspicious email. Similarly, the change in working habits when at home may lead to tired employees falling for a scam that they would otherwise notice.
For more information about how to avoid phishing attempts, check out our previous blog, which takes an in-depth look at how you can stay safe from this growing threat.
Secure your online services
More and more cybercriminals are moving towards targeting virtual spaces rather than physical devices. While attacks on any employee’s device can be potentially devastating, attacking online services such as CRMs or communication platforms allow cyber-criminals to access customer data alongside that of your staff.
While targeted attacks are very difficult to prevent completely, there are some key steps you can take to avoid them. The first is the require two-factor-authentication on any software that staff might need to access remotely, this will provide an extra layer of protection to customer data. The second and perhaps most important is to work with services that are actually designed for business use. There are plenty of popular video conferencing or CRM services for example, that are fantastic for consumer use, but don’t provide anywhere near the level of protection that a business needs.
Provide the right training
There is no better way to prevent cyber-attacks or mitigate their impact than a well-trained workforce. Our IT training service can keep users in every level of your business up to date.
- We can provide basic tutorials on the software that your business uses every day, including cyber-security tips. These can be tailored to each user’s skill level and can include remote workers.
- For users with more permissions and access to a range of admin software, we can help ensure that you have the skills in place to manage your cloud software. We can also handle everything for you if you’d prefer.
- We can help make a disaster recovery plan for your business. This can complement any existing remote working policy that you have in place. It allows you to quickly and safely operate remotely whenever required.
To find out more about how we can support your remote staff, and for a quick assessment on how safe your business currently is against cyber-security threats, sign up for one of our free 30-minute IT consultations.