According to a new survey from VPNOverview.com, almost 70% of UK workers have given no thought to the cybersecurity implications of working from home. The survey quizzed 2043 employees across the UK and concluded that most were lacking in awareness of both the threats and their potential solutions. That means they could be putting their organisational networks and data at risk. The survey was conducted in the wake of the mass shift to homeworking caused by the Covid-19 pandemic and consequent office closures.
Shifting operations to remote workers brings some new challenges from the tech-security perspective. Many employees are connected to their work’s central networks for long periods, which means there is potential access to sensitive data for much longer periods of time. They also tend to have significant amounts of company equipment such as laptops and phones at home.
Despite this lax attitude, almost half of people surveyed said that they believed they could lose their job if one of their company devices was compromised. A third of those questioned admitted not having password-protected their main working device, whilst a similar proportion said that they had no qualms about leaving devices in plain view of windows. One in four said they didn’t use password-protected Wi-Fi.
The study identified utilities, manufacturing, construction, engineering, and recruitment as the industries with the highest levels of cybersecurity failings. As a business owner, there are a number of things you should be doing to protect your company from cybercriminals seeking to take advantage of remote-working.
Invest in antivirus software
The cost of cybercrime can be catastrophic for businesses and one of the simplest yet most effective things you can do is to invest in an antivirus solution for yourself and all your employees – wherever they may be.
These solutions offer automatic security against a wide range of threats, including; malware, viruses, spyware, Trojans, worms, phishing scams and zero-day attacks. Cybercriminals are busy looking for new vulnerabilities they can exploit and ways to gain access to your network: antivirus solutions can detect almost all attempts and stop them in their tracks. These solutions also update automatically to stay ahead of the game.
Ensure you have a strong and secure company VPN
With everyone working remotely, it is likely that more devices than ever are connecting to your main Virtual Private Network (VPN). Unfortunately, this creates more potential ‘ways in’ for hackers to exploit.
Some of the main ways you can boost VPN security include; using more stringent authentication methods such as MFA devices; upgrading to a Layer Two Tunnelling Protocol; ensuring employees are following password protocols; and ensuring employees logon via secure networks (using wireless routers and firewalls). Also, make sure your antivirus solution also covers VPN issues.
Have clear policies
Many organisations had to move to remote-working at very short notice, so it could well be that many haven’t had time to fully update and rewrite the relevant policy documents to reflect the new situation. It is crucial for these policies to be updated, well-publicised, understandable to non-tech personnel, and that there are open communication channels for employees to raise questions about them.
Policies exist to protect both the employees and the organisation. Adherence to them should always be understood as part of a mutual agreement. Adherence also needs to be closely monitored so that common and frequent issues can be flagged and discussed in a non-accusatory way.
Be aware of email hazards
Remote selling and working entail a lot more email exchanges to replace face-to-face meetings. The dangers from fraudulent emails has therefore increased too, and it is a common way for cybercriminals to gain access to systems.
To combat this, you should ensure your employees are educated in how to spot and deal with suspicious emails. Ensure that emails are only accessed through your VPN and that every employee device encrypts stored data.