Site Notice: Just to make you aware we are still open for business as usual.
With many of us now working from home and adjusting to new ways of communicating and conducting ourselves, security can sometimes be the last thing we may have considered. We all assume the precautions have been taken at company level so we are covered.
However, this isn’t always the case and we do need to be aware of new and evolving Cyber Security Risks.
Your organisations network will have measures in place to protect against hackers and scammers. At home, you are likely to be far less protected! Overnight homeworkers have suddenly become a much more valuable target to unscrupulous people because if they are successful, they have access to valuable company data and resources.
We look at some of the threats you could be open to and how best to mitigate these risks.
Since the advent of more and more people working from home due to the pandemic, not surprisingly there has also been an increase in phishing scams.
Be aware hackers are capitalising on the coronavirus to send emails that try and trick users into clicking on malicious links, download files containing infections or just trick you into revealing personal data.
The scams are generally targeting home workers, offering information from HR or IT staff asking to update details or install apps to help secure your account.
Any email that’s asking for you to do something on your computer, for example download a file and install, click on a link etc please be alert.
The last month has also seen a surge in malware, this often contains software that secretly registers key presses. It then sends this data to the hackers giving them your username and password information.
Video sharing site Vimeo last month froze accounts after a malware infection targeted some of its user accounts for theft.
There is so much going on at the moment that software on your computers may not have been updated and will be the last thing on business’s mind, again unpatched software can leave you open to security breaches.
In order to keep your organisation secure, we recommend a multi-layered approach.
Patch Management – Who manages your company software updates and how? It may be worth exploring this and understanding how this will be implemented with many staff working from home. We recommend a centrally managed approach, so you are not reliant on users to carry these out. Patch Management can be managed internally or outsourced.
Anti-Virus – it is essential you have an up to date and reliable Anti-Virus solution installed which has virus, phishing and web protection.
Multi-factor/Two -Factor Authentication – Where possible make use of two-factor authentication. This is enhanced protection going beyond username and password, by adding an additional step where you will also require an extra token such as one-time password (OTP), an app on another device, a hardware token or biometric token when logging in.
This may well be annoying but will protect you and your company should you fall victim to a phishing scam, even if the hacker steals your password your account is protected.
Distinguish between personal and work – If you are provided with a work device only use that device for work and do not use it for your personal life, potential infections will not spill from your personal life to professional life or vice versa.
For more information or advice from our team please do not hesitate to get in touch.