Over the past almost 2 years, it is well known that the way that businesses operate has changed drastically and suddenly. With offices closed across the country, many workers made the switch to working from home during the lockdown period and taking their offices to their spare rooms.
Research reveals that many workplaces will continue to allow home working opportunities even after lockdown, either as a permanent remote position, or a hybrid position with some days at home and others in the office. With this new flexibility of location, there are also new cyber security considerations for your business’ IT infrastructure, which could become costly mistakes if not addressed promptly.
The pandemic has also led to a surge in cyber attacks, with cyber criminals taking advantage of common home-working security defects, along with the uncertainty surrounding the pandemic and lack of communication between staff. This could be a recipe for disaster if risks are not assessed and mitigated quickly. In this blog we cover some common risks, and simple ways to combat these.
What are some of the risks?
- Phishing Schemes
These commonly appear as email communication, often tricking the recipient into unknowingly downloading a virus under the guise of something they need to open, such as an invoice or customer file. With sophisticated technology, the criminals can make these emails look very convincing, and even clone a company email address.
- Weak Passwords and Insecure Home Wi-Fi
Although your company passwords and office Wi-Fi have been assigned satisfactory password protection and security, your staff may not be as clued up on the importance of strong password protection on all levels. For example, if a staff member has a predictable password for their wi-fi, personal device, Slack/Trello/Teams account this could lead to cyber criminals accessing important data via these channels.
- Working from Personal Devices
Employees are using their personal devices more regularly to access work information, and for two-factor authentication to access apps and services. This increases the “attack surface” of your company, as there are now more access points to your business information. If a staff member loses (or even sells) their personal device, your security could be compromised.
How can we limit or mitigate these risks?
- Keep up-to-date on phishing/security training and awareness for all employees such as identifying phishing emails, and how to make their home Wi-fi security stronger. Ensure employers understand their responsibility in protecting the business’ security, and perhaps provide a checklist for home working staff on how to keep security measures strong.
- Use multi-factor authentication whenever possible to ensure there are multiple layers of security to your business IT network. Apply firewall and security updates/patches on all computers and devices regularly to ensure they are covered for developing cyber risks continually. Check your staff have adequately complex passwords on all devices linked to your business.
- Make sure employees are comfortable reporting issues immediately when they make a mistake or suspect something is wrong. Many staff will fear being reprimanded for making a mistake if they believe they have risked security. Reassure and remind them of the importance of flagging these issues.
What SA1 can do for you.
At SA1, we stand by the proverb “prevention is better than the cure” and have years of experience in assessing and managing cyber security risks for a variety of businesses, taking their individual needs and requirements into account. Our expert team aims to always be one step ahead of the cyber criminals by constantly predicting weaknesses within a business’ IT infrastructure and fixing them promptly.
SA1 Solutions is a Cyber Essentials Certified, which is awarded to companies that show a high level of commitment and knowledge on cyber security. So, by choosing SA1 to provide, manage and maintain your security, you can rest easy knowing your business's critical infrastructure is secure and protected.
Contact a member of our team today on 01792 464242 or email info@sa1solutions.com to discuss how we can assess and support your cyber security needs.
The cloud has introduced numerous possibilities for businesses in terms of greater efficiency surrounding data storage, disaster recovery and security.
Read More
Having a sufficient IT infrastructure is a fundamental component to any organisation that wants to function efficiently and effectively in this economic market.
Read More
Could your business benefit from a complete networking system? Find out what it is and how it could make a difference to business productivity.
Read More