As we move into a time of greater tele- and video-working, what does this mean for cyber risks?
The response to the spread of COVID-19 from municipal, regional and national authorities around the world has been to encourage or mandate self-isolation and working from home. As a result, companies providing tele- or video conferencing services are booming. Hundreds of thousands of office-based workers are moving out of their cubicles and into their living or dining rooms and setting up shop using tools such as Slack, Zoom or Skype to stay in touch with colleagues. This is having, and will continue to have, a massive impact on the way we work. Online media is awash with heart-warming and hilarious ways to maximise productivity and minimise the risk of going stir-crazy in the absence of human contact.
Keeping sane while conversation or social interaction is at an unprecedented low is crucial to personal wellbeing. But there are other risks associated with the increase in home-office use. As more and more companies embrace agile working, we are seeing increasing reports concerning privacy, with personal data being leveraged by some digital platforms. Cyber security risks associated with sensitive information held on corporate servers are exacerbated by staff connecting remotely, either through poorly secured Wi-Fi networks, or by mixing home and professional devices.
The usual rules about being wary of suspicious emails, keeping passwords updated and controlling access to our devices still apply in the home. However, as we move further into the digital work culture, here are four more tips to ensure home-office workers can keep both their personal and professional lives secure.
- Provide corporate devices to staff working from home.
Providing staff with a company-issued device helps to reduce the possibility of cross-contamination from home devices infected with malware. It also helps maintain a healthy work-home divide.
If you have been issued with a corporate laptop, make sure you close it down and keep it somewhere secure at night, or even when stepping away for a few minutes. This will reduce the likelihood of roommates using it for convenience or, for the families, children spilling liquids on it.
- Do not connect home USB memory drives to corporate devices.
It is very tempting to use that old USB memory key or external hard drive to back up your work. But when was the last time that key or drive was scanned for viruses? Chances are it hasn’t been checked for quite some time, which means it could have malicious software waiting to be connected to an unpatched or differently protected device. This advice goes both ways: do not connect company memory devices to your personal devices either.
- Ensure home antivirus software is updated.
Companies will, or at least should, ensure that the antivirus protection on a corporate device is up to date. However, it is the individuals’ responsibility to secure any private networks to which those devices will connect. Whichever software is in use on home networks, it is the individuals’ responsibility to ensure that the latest updates are downloaded and deployed.
- Be extra wary of phishing.
Since the Covid-19 outbreak several news outlets have reported increases in phishing operations. Criminal actors masquerading as government entities are pretending to issue official advice and even tax refunds to those who provide their bank details. When working from home we need to be even more vigilant to avoid such scams.