“ Can you go on mute please? ”

Every single video conference, there’s always that one individual that’s doing the most. This pandemic has meant a lot of us are working from home. I know some of us wake up at 8:58am and switch on our laptops to appear online (not me btw, my work day starts at 06:30 am), and then roll over to catch a few more zzZ’s. To be fair, I nearly got caught out one time during an online meeting. I was singing Stormzy – blinded by your grace and one of the managers asked if it was me that was singing and I said, “I was just about to ask, if that was you singing?”. Hehe you can’t catch me out boy.

Working remotely does have its perks but are we doing enough as individuals to keep ourselves safe from cyber threats? Do the organisations we work for have the right procedures in place to ensure that working away from the office is safe?

There has been a massive rise in remote working for a lot of organisations, which is causing a shift in their threat landscape*. Some organisations may not have the right set up to support a huge amount of its employees working remotely. Cyber criminals are rubbing their hands at situations such as these. Since I work in the cyber security industry, I have to be honest – employees are a big threat to an organisation. Before you jump down my throat, let me elaborate.

Working from home may be new to a lot of people so they are at risk of compromising their security. Organisations will have to provide education on best practices whilst working from home to ensure that the company’s information assets* are secure. Employees can make simple mistakes. For instance, not following ‘Tips with T’ can leave you susceptible to cyber threats, which can lead to compromising an organisation. But an even greater mistake would be organisations not addressing their employees about the proper use of personal devices for work.

BYOD (Bring Your Own Device)

Using your personal device to do work is becoming more prevalent (oooh big word). But organisations are having trouble ensuring that employees are doing the right things to not allow confidential material to end up in the wrong hands. Using your personal device is good as it provides more comfortability and flexibility, which we all want at the end of the day.  However, if personal devices are left unaddressed then it can become a security challenge as there is no visibility in the status of the device. If employees leave a company then what happens to the data on their device? Organisations are now in a bit of a pickle. Also, there may be no anti-virus software on the device which leaves it vulnerable and could be giving hackers access to sensitive information. Furthermore, since the device is not owned by the organisation the onus is on the individual to make sure that their devices are secure. One way to keep our devices secure is via the use of a VPN (Virtual Private Network) which allows a user to access a company network through a public or home wifi connection. A VPN protects us by masking our location and encrypting information we send over the internet.

I spoke about passwords in one of my previous blogs. Having weak passwords is a serious vulnerability and can be detrimental to an organisation. I have also spoken about phishing attacks, and with the surge in phishing scams during this pandemic if we are not vigilant then one wrong click and we can be putting ourselves and the organisation at risk.

This is something that we would want to avoid. As I’ve said earlier, working from home has been a blessing and we should be grateful that we have the ability to do so. With the way we have saved money on travel, I’m sure the majority of us are not relishing the thought of going back to the office any time soon. However, as nice as it is to roll out of bed and switch on our laptops, we really need to follow procedures to keep company assets secure.

‘Tips with T for Employees’

– Ensure approved anti-malware software is installed – Use a VPN connection – Use strong complex passwords – Keep devices up to date

‘Tips with T for Organisations’

– Configure devices to be tracked and remotely wiped  – Educate staff on how to spot phishing emails – Implement two factor authentication

Love & Guidance

TT