In response to Coronavirus (COVID-19), and following official guidance, many employers are asking staff to work from home wherever possible.
Some staff might have worked from home before, but for others this will be new territory. Although the thought of working in your pyjamas and snacking all day might be appealing to begin with, working from home can be unsettling, especially after the novelty begins to wear off. The more information staff have to help them navigate this different way of working, the better.
As well as the practical considerations around remote working, such as planning for a large increase in users with chat rooms and video teleconferencing services, and making sure staff are confident in using different software, it is also important to consider security away from the office.
The NCSC has published guidance on this topic covering the following areas:
Devices used for working outside an office environment are more vulnerable to theft and loss. Although losing a device when working from home could be a difficult feat, make sure that staff know what to do if their device is lost or stolen, and where to report any issues. Ensure staff understand the importance of keeping software and their devices up to date, and that they know how to do this.
Make sure devices encrypt data whilst at rest, which will protect data on the device if it is lost or stolen. Most modern devices have encryption built in, but encryption may still need to be turned on and configured.
Fortunately, the majority of devices can be setup to remotely lock access to the device, erase the data stored on it, or retrieve a backup of this data. You can use mobile device management software to set up devices with a standard configuration.
Virtual Private Networks (VPNs) allow remote users to securely access your organisation’s IT resources, such as email and file services. VPNs create an encrypted network connection that authenticates the user and/or device and encrypts data in transit between the user and your services. If you are already using a VPN, make sure you are using the latest version of any software and it is fully patched. Additional licenses, capacity or bandwidth may be required if your organisation normally has a limited number of remote users.
USB drives can contain lots of sensitive information, are easily misplaced, and when inserted into your IT systems can introduce malware. We would always advise against using USB drives.
Cyber criminals are preying on fears of the Coronavirus and sending ‘phishing’ emails that try and trick users into clicking on a bad link. Once clicked, the user is sent to a dodgy website which could download malware onto your computer, or steal passwords. The scams may claim to have a ‘cure’ for the virus, offer a financial reward, or be encouraging you to donate.
If you click on a link like this, don’t panic! There are number of practical steps you can take:
• If on Wi-Fi disconnect from your network if you are attached to a network cable, remove it.
• Contact your IT department if you have one or
• Open your antivirus (AV) software if installed, and run a full scan. Follow any instructions given.
• If you’ve been tricked into providing your password, you should contact your IT partner and if you do use the same password on other accounts they should also have their passwords changed.
• If you have lost money, you need to report it as a crime to Action Fraud. You can do this by visiting www.actionfraud.police.uk.
If you are using a home PC or laptop they are likely not to have the same controls over patching and anti-virus as your work PC or laptop. Please ensure your operating system software (Windows or MAC) is fully up to date. If you do not have home anti-virus contact your IT partner to get some installed, although Windows Defender is a good home standard anti-virus.
Stopping the spread of Coronavirus may seem like an impossible task at the moment, but ensuring measures are put in place to make remote working effective and safe, and stop the spread of any computer viruses, is something that we can control!
(Information taken from the NCSC Weekly Threat Report 20th March 2020)
Talk through your IT needs with one of our friendly technicians – no commitment, no cost!
Complete our contact form and one of our experts will be in touch, or call our team on 01332 374444.
Array ( )