Improve work from home cybersecurity – 70% of workers have experienced a threat
Working from home has its advantages, but in today’s digital era, it also comes with its fair share of risks too. According to a market research report released earlier this year, 70% of remote workers have experienced IT problems during the pandemic.
And with remote working here to stay for the foreseeable future, there’s no getting away from the risk of employees falling victim to a cyber attack away from the office. Here, we explore the current scale of the issue and share some practical tips for implementing cyber secure working from home arrangements.
Working from home cybersecurity risks
The cybersecurity risks associated with working from home are widespread due to the sheer volume of work being conducted online. And if these at-home online systems are not carrying the same level of cybersecurity protection - e.g. the same firewalls, secure connections, blacklisted IP addresses - employees, and their employers, are leaving themselves wide open to cyber attacks.
Unfortunately, the issue was catapulted by Covid-19 to never-seen-before levels, created by the world’s workforce having to switch to remote working literally overnight. As a result, this left, and continues to leave, employees completing tasks and logging into meetings using processes that don’t follow the same robust cybersecurity methods that are used in the office.
Cybersecurity risk statistics when working from home
While cyber crime isn’t a new threat, the working from home movement means it does now present a whole new level of risk. Not everybody is back to 100% working in the office, and won’t be for as long as the battle to bring Covid-19 under control remains.
What’s more, almost 50% of organisations are reportedly giving employees the chance to work remotely full-time once the pandemic is fully over. In the meantime, 82% of companies are allowing employees to work from home at least one day a week.
The effects of working from home and the associated cyber crime threat are already being felt on a widespread scale. During the early days of the pandemic:
- There was a 630% increase in cloud-based attacks between January and April 2020
- Google blocked 18 million daily malware and phishing emails in April 2020
- 69% of organisations admitted to failing to deploy antivirus software for work-generated devices
- 44% of organisations didn’t provide cybersecurity staff training
- Phishing emails rocketed by 600%
- Remote workers caused a security breach in 20% of organisations.
- The list goes on…
Working from home cybersecurity tips
The importance of homeworking cybersecurity cannot be underestimated. And while it can be easy to automatically assume tackling it lies with organisations, e.g. to implement the necessary safety measures, responsibility actually falls with employers AND employees.
With that in mind, here are 7 best practice, easy-to-follow tips, regardless of if your teams are working from home once a week or full-time.
1. Use a VPN
VPNs, or Virtual Private Networks, are a secure alternative to using public wi-fi. By installing VPN software, you can encrypt traffic between your device and VPN server. This level of encryption essentially acts as a shield, making it more difficult for cyber criminals to intercept your networks and access your data. If you haven’t already done so, providing your employees with a VPN should be one of your main cybersecurity priorities. And don’t forget about them either; VPN best practice dictates that you should periodically review your VPN to guarantee you’re using the very latest version.
2. Use two-factor authentication
Two-factor authentication puts an additional layer of security in place on top of standard online password log-ins. Without it, you just have you type in your username and password. But with two-factor, as the name suggests, you are required to complete a further phase of authentication, such as entering a 4-digit number that’s texted to you or a follow-up phrase, such as your mother’s maiden name. Having double the amount of authentication in place makes it doubly challenging for cyber criminals to compromise key accounts.
3. Be aware of phishing emails
Phishing email scams may be commonplace, but they are getting increasingly sophisticated, just like most forms of cyber attacks. Educating staff about them is one of the most effective forms of defence. It’s important everybody is on their guard against phishing emails at all times. This can easily be achieved by making sure they don’t open messages from people they don’t know. Hovering over links to see where they are pointing to is also a useful tactic. Another key giveaway is emails that are littered with grammatical and spelling errors. The bottom line is, check everything, and trust your instincts!
4. Install security software
Security software is a cybersecurity staple. At the very least, all home workers should have anti-virus software installed on all of their devices. Firewalls, such as Windows Firewall and Mac OS X, can also help screen against cybersecurity threats, such as viruses and hackers, and ‘police’ traffic that enters devices. It’s highly recommended that all employers inform their employees about the importance of security software and provide them with guidance on installing and using it.
5. Make sure your software is up to date
Dated security software is weak software that will leave you wide open to ransomware. To avoid this, all home workers should periodically check their operating systems and applications to make sure they’re using the latest possible versions. Any dated software should be immediately patched with the latest updates that are designed to protect against rapidly-evolving cyber crime tactics. As is the case with VPNs, employees should be encouraged to regularly update this software.
6. Use work devices
As obvious as it sounds, employees should only use work devices, e.g. laptops and mobile phones, for their work. While it may not seem like a major issue for employees to use their personal devices because they prefer them or use a combination of their work and own equipment, it’s far from ideal. It’s essential employees only use their work devices while working from home because they will have been equipped with the necessary security software to help prevent cyber attacks. Furthermore, because this software is controlled by the IT department, it will continue to be maintained and updated with the latest cybersecurity updates.
7. Secure your home router
Wireless routers are another key component in the fight against cyber crime. There are some simple measures all workers should follow to strengthen the effectiveness of their routers. They include changing the default name of their home wi-fi, creating a new password that’s at least 20 characters long, switching on the encryption feature and checking the firewall is on. It’s also important to disable network name broadcasting to the general public and keep the security software that’s installed on home routers regularly updated.
We can all work from home securely
It just takes a little insight and time to make it happen. While it can be tempting to keep putting home cybersecurity off to another day because you’re busy, you could wind up having to spend even more time – and money – having to put things right if a cyber attack does happen. Regardless of your business type or how many employees you have, it pays to be cyber secure now, more than ever.
Gary Christie, one of our Presales Consultants, shares his top tips for how to be more cyber secure
4 key considerations to limit the cyber risk posed by your users as they return to the office