No doubt that many of us are facing testing times and changes to our daily working arrangements with the government advice on all members of society having to work remotely (for the time being), which for most of us is home. One of the parallel dangers in working remotely is the issue of Cyber Security since a majority of us are not on our corporate IT networks. For most of you who have a large Enterprise IT support, I suspect a majority of corporate laptops or PCs are using your company’s VPN and this ensures that a private connection to your IT network can be established remotely.
Whilst this offers some form of protection, there are increasing dangers in light of recent events that mean regardless of whether you have a large Enterprise IT support or whether you are an SME with a smaller IT footprint, the following advice is recommended to support your remote working needs.
Security Threat:
The term security threat is the potential for something malicious or for something intentionally bad to be implemented against you and your IT systems. With the recent COVID-19 in a time where we are anxious and fearful of the unknown pandemic, this is also the time that cyber criminals target those that may be vulnerable. With a significant of us working remotely this threat is amplified by the ability to not be protected by our IT systems.
In light of the COVID-19 we are seeing significant reports globally of an increase in Phishing emails designed to lure users into either clicking on links or downloading attachments. We are also seeing ‘Corona’ related malware specifically circulating the Internet that is being used in tageted attacks to individuals through phishing and general websites hosting information on Covid-19 where by these websites contain malware downloadable links.
Recommendations for Implementing IT Security when working Remotely:
Whether you have support from your company’s IT Enterprise systems, use a third-party managed IT service or manage your network, now is a good time to ensure your Operating Systems are patched and up to date
For approx. 90% of us, we all have Wi-Fi in our homes or spaces where we are working. Now is the time to consider the following:
Check you are not using a default wifi password for connecting to your wifi router and consider changing it and using a password manager to store your wifi password
Ensure that you are using at least WPA2 but ideally WPA3 protocol when connecting. For some, this option may be limited but you can check if you log into your wifi router and this can be explained often if you look on the back of your wifi router for details about how to access the wifis panel
If you’re a small SME without the support of a third-party managed IT service or the offerings of an IT Enterprise support team, consider using a commercial VPN provider. Especially if you need to work on Public wifi networks as this will provide an added layer of protection for your data that you use on your network
If you receive any emails relating to COVID-19, Coronavirus or anything related to the current pandemic then treat the email with suspicion and report the email to your IT Administrator. For those who do not have this support, make note that you have received such an email and delete the email. Do not click on any links or download any attachments. We advise that if you’ve received such an email it may be because your email address has been obtained from a previous effort or through a data leak from a service you have used before and therefore the risk of increased phishing emails to you will increase
Ensure that you have updated anti-malware and/or anti-virus software, or agents installed on your laptops or PCs. For those of you who don’t have anti-malware we recommend you purchase a commercial anti-malware application. We don’t advise on which one you should use but having some form of protection is better than none
If you are sending confidential or sensitive information in the form of emails or via a chat application, be aware that you’re not on a corporate IT system so if you send something to the wrong person or by accident the consequences are higher. Ensure that you pay special attention when you are sending this information and whether you need to protect the data before sending it
For those who have some form of IT support, ensure you have up to date contact information about how you can contact your IT administrators. If you’ve used a web portal for raising tickets but the system is down how will you contact them, e.g. have a plan B?
Need advice on your security needs but not sure what or who to contact, then we can help. We are offering telephone and email advice for free to users who may be in a spot of bother during this pandemic so feel free to contact us for advice on the protection your home network and/or your business networks.