The last 18 months has provided challenges for many; creating home office spaces, adjusting to video meetings, avoiding distractions and loneliness to name just a few. However, with most companies introducing phased or hybrid return-to-work strategies, we are faced with a new set of challenges. One of which is ensuring colleagues and employees maintain vigilant with regard to cyber security.
Here are our Top Ten Tips to keep you and your staff safe online during this reintroduction to the office.
1. Mobile Device Management
2. End Point Encryption
Encryption, the process of encoding or scrambling data, can be used to protect employees from having their information and sensitive documents taken or hacked. By making documents unreadable and unusable, end point encryption enables users to store and carry information around with them on their device without risk of compromise or exposure. Documents can only be seen once a prearranged password or biometric security measure had been entered, for example a fingerprint scan on the device.
3. End User Training
Whilst companies spend large amounts of money on technical defences to protect their systems and data, often employee training is overlooked. You should see your team as the last line of defence or the “human firewall” protecting your business. As such deploying a Cyber Security training programme within your business is critical to your Cyber Security efforts.
4. Multi Factor Authentication
Multi factor authentication (MFA) refers to security technology that requires multiple methods of authentication. Often, this includes use of two or more independent credentials such as a written password as well as a random 6 digit code generated by an authentication app. By opting to use MFA, employees reduce their exposure to risk of data hacking. Business Email Compromise (BEC) is one of the most common and damaging cyber attacks and MFA vastly reduces the risk of this.
5. Categorise Your Data
We recommend that clients assess where their buisness critical data is held. This is often within individual departments as well as within the whole team. By going through this exercise, you might find that your critical information assets are not where you thought they were. Before you can secure your information assets, you need to understand where they are. For example, if you are using a SaaS CRM solution, the same level of protections needs to be applied to that resource as your corporate email system.
6. Encrypt Files When Sending
Employees should always encrypt files containing sensitive data when sending through instant messaging services or email. This will provide protection in case the email is wrongfully opened or intercepted. This small change could make a huge difference and only takes a few seconds to do.
7. Reflective screen cover when commuting | Privacy screens
For commuters, getting an extra 30 minutes behind the laptop or preparing for the day ahead is a common way to pass the time whilst travelling to work on public transport. However much you try to block out others, your screen is on show to hundreds of people across the week. Whilst it may seem unlikely, this provides a threat of information being seen by the wrong people. A simple problem that requires a simple solution, a privacy or reflective screen protector. These thin pieces of plastic can stop others from seeing your work documents from over your shoulder and should be considered during this surge of employees going back to work.
8. Keeping Software Up To Date
Mobile devices use a vast amount of software including operating systems such as Android and iOS as well as applications that do everything from word processing to sound recording. In order to prevent vulnerabilities being exploited, software must be kept up to date. Often described as “patching”, updates patch up any gaps regarding security, making it imperative to stay on top of.
9. Implementing measures for employees to report suspicious activity or privacy concerns
A safe space where employees can voice their concerns or send anonymous queries would help open up a dialog between internal operations and employees of all departments where security or privacy issues can be dealt with. Concerns of security may be difficult for some to disclose so providing a place where employees can do so safely would encourage people to come forward. This should be seen as a preventative measure and approached in a relaxed and informal way to avoid unnecessary concern.
10. Maintain The "New Norm"
Every business has its own unique way of operating. Therefore, it is important to apply these procedures with a degree of flexibility. In order to optimise results, businesses should look to regularly review protocol and have an open mind regarding the introduction of new measures. As times and technology change, it is up to businesses to keep their employees safe and visa versa.