Working From Home – Vital IT Security Considerations

IT security has never been so important since the COVID-19 working from home movement took over and, even though staff are gradually being brought back into the workplace, it looks like the remote working trend is set to stay for some time yet, with a hybrid approach well on the cards.


So what should you as an employer be thinking about in terms of setting a robust IT security policy, so that your systems and data are all kept safe from the increased threat of cyberattack as your workforce settles in to a more permanent work from home mindset? Join us as we explore some of the most prevalent cyber threats connected with remote working, and share expert advice on how to safeguard your business during these challenging and changing times.


What are the most common IT security threats connected with working from home?


The coronavirus pandemic has resulted in a sharp rise in phishing scams, many of which have been taking advantage of people’s anxieties around the situation and preying on people’s need to look for reassurance on COVID-19 related issues.


According to a report by Infosecurity, there has been a 600 per cent increase in reported phishing emails, many of which have been related to the pandemic.


Emails were intercepted purporting to be from the World Health Organization (WHO), requesting that victims download a ‘safety measure’ by clicking a link. They were then prompted to verify their email by entering login details. Other bogus emails seemed to come from government departments including HMRC and the Health and Safety Executive, all with the goal of collecting sensitive data and login details for fraudulent use by cybercriminals.


As well as phishing attacks, just the mere process of logging in to company networks from a remote location has been proving a considerable IT security risk. This is because, when remote workers use ‘remote desktop protocol’ (RDP) to access a network, it can open the way for ransomware attacks. Ransomware is a type of malware that encrypts a victim’s file, making it impossible to access data. The cyber attacker then demands a ransom in exchange for making it accessible again.


Unless multi-factor authentication (MFA) is used to login securely, any unsecured network can become a gateway for hackers.


So those are the most common IT security risks associated with working from home. Now let’s look at how to protect your business from those risks.


1. Set a remote working IT security policy


It is vital that your workforce knows how to deal with IT security threats as well as how to spot them. For this reason, it’s essential that you put an IT security policy in place and provide clear guidance to staff on how to stay safe when working from home.


Your policy could include advice on:


  • Safe creation and use of passwords
  • Ensuring software is kept updated to the latest versions and security updates are installed
  • How best to securely store devices when not being used
  • Using company devices in public places
  • When and how to report the loss or theft of company devices
  • How to clear a browser cache to prevent login details being hacked
  • Your acceptable use policy for browsing non-work related websites
  • How to make a cybercrime report


2. Make multi-layer authentication a must


Multi-factor authentication (MFA), also referred to as two-factor authentication (2LA), is a way of logging in to a network or platform that calls for a second layer of evidence to prove you have a right of access.


Microsoft says that enabling MFA can reduce account compromise up to 99.9 per cent, which can reduce the chance of stolen credentials being used to almost zero.


3. Use a virtual private network (VPN)


With a VPN, you have a secure, encrypted connection between your PC and an internet server. A VPN has the power to prevent you being spied on as you work It also prevents hackers seeing any data that you access via the connection.


Never allow your employees to access your company network via their own internet connection. Always use a VPN.


4. Don’t let staff use their own devices


By allowing remote employees to work on their own devices, you instantly lose control of your IT security. How can you be sure that your worker’s device isn’t infected with malware or viruses? Or that its firewall or antivirus software is up to date?


Instead, you should provide your remote workers with company devices. Of course there is the capital outlay to think about, but what would be the cost of a cyber breach in terms of lost revenue, damaged reputation and potential data breach fines from the Information Commissioner’s Office? Devices installed with your organisation-approved IT security are a whole lot safer for your business.


5. Use a password manager


A crucial part of any IT security policy has to be a set of rules on password usage. It is highly recommended that a password manager is used to set and store passwords. These help protect online accounts because they set strong, non-duplicate passwords, and store them securely so that staff don’t need to write them anywhere to remember them.


Examples of password managers include LastPass, BitWarden, Dashlane, Keeper and 1Password. Web browsers including Chrome, Safari and Firefox also have built-in password controls.


A few password managers have the ability to raise an alert when a site has experienced a data breach. Some will inform you if the password you’re using has been found in a stockpile of stolen user data, which is the case for at least 555 million passwords. Password managers also can help you find weak or reused passwords so that you can take steps to strengthen them.


Remote working IT security solutions, tailored for you by PC Docs


At PC Docs, we offer a variety of remote working IT solutions, all of which can be fully tailored to suit the specific needs of your business and the way you work.


Why not get in touch today to learn more about the IT security services London businesses have been depending on to safeguard what matters and enable their remote workforce? We look forward to being of assistance.

Related insights

What Are Cloud Servers and Which Are Best for Your Business?

Read more

Data Backup and Recovery – What Options Does Your Business Have?

Read more

What is a virtual desktop and how can it benefit your business?

Read more

Ready to feel supported?

The team at PC Docs looks forward to your call.

Get in touch