Over the last few months, businesses have embraced remote working. And some have even found this new way of doing things preferable.
83% of small to medium-sized businesses expect some or most of their employees to be able to continue working remotely after the pandemic. While this can bring benefits for you and your team, such as a better work life balance, continuing to shift interactions online doesn’t come without its risks.
You need to strive for top-class cyber-security to support this way of working.
Research carried out by Cybersecurity Insiders found that, during the pandemic, 53% of businesses saw an increase in phishing attacks and 38% said that over the past year someone in their organization fell victim to a phishing attack. It’s clear from this that cyber criminals are not missing an opportunity to get their hands on your data, but there are some simple ways you can stop them.
Bring your own device
Bring Your Own Device (BYOD) was already a trend before COVID-19. But now that we’re working remotely, it’s something we should all take notice of.
Gone are the days when we accessed data on one device from one physical location. At home, we are surrounded by numerous personal devices, any one of which we may want to use to work – from phones and tablets to personal laptops.
BYOD is convenient for employees and businesses alike, but personal devices may not always be secure. Every new phone or laptop that accesses company data represents a potential new point of entry for criminals.
Minimize the threat by creating a set of baseline security policies. For example, reminding employees they can use any device as long as they have downloaded a certain piece of antivirus software. Or sharing information on the most up-to-date operating system, in case they haven’t downloaded it. This way, you can be confident that all devices accessing company data reach a security threshold that you’re comfortable with.
As we mentioned above, phishing and employee impersonation are two of the most common cyber threats. What do they both have in common? Both rely on human error.
With so many of us relying on email now, it’s all the more likely a dubious message may slip through the cracks. So, it’s crucial that staff at every level receive training and know what to look for and what to do if they spot something that looks suspicious.
Password security and best practice training can be particularly helpful in bringing people up to speed without costing too much. Make sure these courses happen more regularly and that employees can access refresher courses whenever they want.
And finally, make sure your team feels comfortable and supported when they do flag a bad link or attachment. That way you can find a quick solution and stop further damage.
The human firewall
The best line of defence can be the employees who work for you – known as the ‘the human firewall’.
One of the best ways to strengthen this is by creating a culture of cybersecurity and making sure security is at the top of corporate agenda.
Talk about it in newsletters, include cybersecurity in on-boarding training, nominate security champions to help keep the topic front of mind and do ‘live fire’ cybersecurity drills and award prizes for those showcasing the best security practices.
Ultimately, don’t think of cybersecurity as a barrier. Because in reality, it’s just the opposite. Once you have the right software, policies and culture in place, you’ll be more empowered to fully embrace remote working.