How To Stay Safe When Working Remotely
Over the past decade, the number of employees working remotely has shot up by a fifth, and the trend is set to grow further and further. After all, employees no longer need to be lumbered behind the same desk for 40 hours a week. But where productivity, convenience and moral gain, cyber security is hampered.
So, if you’re thinking about launching a work from home initiative, or whether you’ve already introduced it on any level, here are some of our security tips for your end-users to live by.
Keep your passwords to yourself
You wouldn’t type in your ATM pin for all the world to see, so why should you treat your password any different? With a growing trend of “shoulder surfing” (spying on someone’s device to obtain login credentials/ company data — often in a public area such as a train), employees need to take extra care when using devices in busy areas.
It may sound like common sense, but covering your screen is the easiest way to stop shoulder surfers from stealing your credentials and accessing your accounts.
Here are a few tips to keep your password safe:
- Change your password regularly
- Never re-use the same password
- Avoid using any personal information in your passwords
- Never share your password with anyone
Ensure up-to-date security protection is in place
It’s very common for employees to use their personal devices instead of the ones supplied for them by the business. When employees use their own devices, they could potentially cause harm to the business by allowing corporate data to be stored on a less secured computer.
Devices that are used for work by the organisation should be properly protected with antivirus, web filtering, firewalls, and other preventative software. If employees are using their own personal devices for remote working, they should ensure their security protection is up-to-date.
Be cautious when using public wifi
The problem with public Wi-Fi is that there are a tremendous number of risks. Man-in-the-middle, snooping and sniffing, unencrypted networks and malware distributions are just some of the ways that cyber criminals can attack.
Make sure that your users know to disable file sharing, log out of accounts when finished with them, and only visit sites using HTTPS.
Look out for fraudulent emails
When working away from the office, employees will naturally turn to email when communicating with colleagues, making it even more important for them to be able to spot fraudulent messages. It’s vital for end-users to not only be able to spot a phishing email, but to also know what information they shouldn’t send through email.
Raising awareness around phishing emails and email best practice are great ways of mitigating these threats, as well as policies around what information should not be involved in this method of correspondence.
“Only 3% of users report phishing emails to their management”
Be careful when using public computers
A vast majority of people will use their own laptop for remote working. On the odd occasion, an employee may need to use a public computer, like in a business suite in an airport. Employees should be made aware of the security issues when using public computers.
They should not be used for any sensitive information or private browsing. After using a public computer, your browsing history should always be deleted as well as any downloads that have been made.
One of the biggest freebies you’re likely to come across at any business event or conference is the seemingly harmless USB stick. Most end-users will plug these in without a second thought, unbeknown that these little devices can contain harmful malware
That being said, the more likely scenario will be for an employee to stumble across a ‘lost’ USB outside of work, with intrigue causing them to plug the device into their personal or corporate computer. This is a known tactic that cyber criminals use to install harmful software onto computers and devices, often resulting in stolen data or ransom payments.
Employees need to know that any USB found outside of work should be left well alone, or any found inside of work should be handed to the IT department to check over.
Want to raise employee security awareness around these issues? Take a look at our automated security awareness training platform for free. No card details needed just instant access.