Helping you work safely during Covid-19 – Cyber security guidance for remote working
In these challenging times, it’s sad to learn that cyber criminals are only increasing their activity as they look to capitalise on the Covid-19 crisis. With the NCSC (National Cyber Security Centre) issuing warnings of such activity on a daily basis, it’s important that we all work to protect our organisations from the damage of cybercrime. Whether we are an administration assistant, lawyer or managing partner we all have our role to play.
As many of us move to working from home, the opportunity for cyber attacks only increases, so it’s vital that we work together with our IT and security teams to adopt good cyber health practices:
1. Only work on secure networks
If you are working from home, you should only be using a VPN (Virtual Private Network) or a secure home network with strong end-to-end encryption; e.g. Office 365 SSL session. Don't be tempted to use public wifi, as hackers can position themselves between you and the access point.
2. Beware Phishing emails
Phishing is a disguised email, that aims to hook the recipient into clicking a link or attachment that enables a cyber-attack to take place. Attackers masquerade as a trusted entity of some kind, so it’s important to be extra vigilant:
- Don’t click on links in emails from people that you don’t know.
- Don’t open emails purporting to contain important updates from your organisation, especially those that ask you to validate your credentials or install additional software to permit remote connectivity.
- Check the grammar, punctuation and spelling of the email – in many cases, these are clear signs of a phishing email.
- Don’t open emails relating to Covid-19, purporting to be from bodies such as HMRC or the World Health Organisation as these are known phishing tactics.
If you are at all in doubt, then the advice is to call the sender to verify the details.
3. Implement multi-factor authentication (MFA)
Weak security credentials are easy targets for cyber criminals, so if you have not yet set-up multi-factor authentication for access to your organisation’s systems, then now is the time to do so.
4. Make personal devices secure
If your organisation has sanctioned the use of personal devices, then it’s important that you implement anti-virus software and make sure that any software and operating systems that you are using are up-to-date. Outdated software is easy for cyber criminals to exploit.
5. Adopt secure working practices
Don’t be tempted to make life easier by forwarding information to personal accounts or cloud storage accounts, which are more vulnerable to cyber-attack. Locking your computer when it’s not in use, ensures that other family members don’t accidentally open your device to malware or phishing attempts.
If you would like to learn more about how to build your resilience to cyber threats during these uncertain times, then please contact Isabel Thompson, Commercial Director at Warner McCall Resilience. Isabel can be contacted at Isabel.firstname.lastname@example.org or on 07824 498 591.