Person working on a computer in their home office

Cybersecurity while working from home

14 April 2020
Currently the coronavirus pandemic is causing widespread disruption to UK businesses, forcing many people to work from home. This sudden increase in working from home has not only put stress on IT infrastructure and support, but unfortunately presented opportunities for cyber criminals and attackers to take advantage.
So with working from home arrangements at a much greater scale than ever before how can businesses ensure they have security measures in place to help protect them?

Spotting email scams

One of the most common cyber-attacks is a phishing attack, where cybercriminals will send you emails or call you to try and retrieve sensitive information from you.

Cyber-criminals are using coronavirus as a way of attacking your systems, posing as organisations such as the World Health Organisation (WHO) or the government to gain your trust before tricking you into handing over money or information.

Take a look at our guidance on phishing scams in a related article here.

Keeping your device secure

Whether you are working from a work device or a personal device, you should make sure that you look after them, don’t lose them and keep them in good condition. Losing a device through neglect or theft means that whoever has acquired it can potentially use it to find out sensitive information if it isn’t secured with passwords.

If you are worried about others being able to access your device, put it somewhere safe and hidden whilst you are not using it.

Choose a secure password

Whilst you might have certain passwords that you remember that you use for personal accounts, having these for your work accounts could put your data, or your customers’ data at risk.

Take a look at an article that we have previously produced to find out how to create a secure password and how you can keep your passwords safe.

Multi-factor authentication

This is a way to verify a user’s identity by confirming multiple credentials.  For instance, this could include a password and then a randomly generated code from a user’s smartphone.

Deploying some form of multi-factor authentication adds an extra layer of protection for mobile workers accessing company information and data. If multi-factor authentication is not in place it’s deemed easier for cyber criminals to bypass other security measures which may be in place.

Have the latest security updates

When your device tells you that there is an update ready, don’t just keep postponing it, as these could include updates to security or fixes to bugs that could leave your device exposed to cyber-attacks if not implemented. Find out if your device is up to date in the computer settings and download the newest update as soon as possible to ensure that you are protected.

Only use secure and reliable software

Some of the applications that are being used to allow us to communicate are causing some security concerns. For instance, the reliance on video conferencing apps such as Zoom and Houseparty, have both raised many information security concerns, although Houseparty has denied the claims that their app caused security compromises to other apps such as Netflix, Spotify and even bank accounts. Despite this there is still a risk that any user can enter your group’s chat unless privacy settings are implemented correctly.

There are also other risks associated with using unlicensed software, such as exposure to malware and legal problems if the software infringes on copyrights.

Use a remote working station

Where possible, try to remotely connect to your work computer, which may already have tighter security measures for your files and sensitive information.

To be able to connect remotely, you will need a reliable and secure internet connection both at home and in your place of work. You may need to make visits to your business premises to ensure that your computer equipment is set-up correctly, still connected to the internet and safe from theft.

You may also need to set up a VPN to be able to access your work PC.

Disable USB ports

The USB ports on a computer allow portable devices to access files and data, but can also mean that potentially unsafe files and data can be planted into your systems.

Whilst a USB port can be useful if you need to transfer data from your workplace to home, it can come with some risks, such as unsecured USBs transmitting malware or disgruntled employees being able to steal company information.

There are many guides on how you can disable your computer’s USB ports on the internet. Instead, any data or files that come to you could come through email or online file-sharing services where you will have better discretion on whether or not you want to open them on your work’s computer.

It is important to make sure that you have the right insurance in place to protect the business that you have built. Every business is different and has its own business insurance needs, which is why we work with some of the UK’s most well-known insurers to ensure that you are getting the right insurance cover for your business.
The information and tools contained in this guide are of a general informational nature and should not be relied upon as being suitable for any specific set of circumstances. We have used reasonable endeavours to ensure the accuracy and completeness of the contents but the information and tools do not constitute professional advice and must not be relied upon as such. To the extent permitted by law, we do not accept responsibility for any loss which may arise from reliance on the information or tools in our Insight Hub.