How to Mitigate Cyber Security Risk When Working Remotely
The growth of the ‘work from home economy’ will go on for a long time to come. Some organizations have opted to make remote work permanent, while others are actively deciding on the future of their office arrangements.
Besides having to rapidly deploy tech solutions to facilitate potentially hundreds of employees working from home, IT leaders also face another unique challenge. Remote work environments do not employ the same cyber security best practices that in-office infrastructure does. Hackers aren’t just targeting massive corporations. They also have their eyes on small businesses, which tend to be more vulnerable to cyber security risks. A survey on cyber crime conducted by Deloitte shows just how risky at-home work environments can be. They asked 1,500 remote workers about their encounters with attempted data breaches in early 2020. In a short amount of time, the data suggested that there had already been a 25% increase in cyber attack attempts that predominately came in the form of phishing emails.
As a small business, you may not have the resources to implement a full-scale cyber security plan backed by a considerable budget. There are however a few key tips on how to mitigate cyber security risk that you can pass along to your team as they continue to work remotely.
Make it a habit to lock your devices
At the office, locking devices is considered a best practice whenever you leave your desk. This tactic protects sensitive personal or corporate data from wandering eyes and any unintentional or intentional “button-clicking.” While working remotely, this process should remain the same. Think of it as being no different than locking your front door as you leave your residence.
Whether it be family, friends or roommates, there is still an associated risk involved with those not working for a particular organization despite the trust you may have in the people you live with. Therefore, ensuring device security, is important even at home.
Stay sharp: Continuing to adhere to cyber security best practices such as locking devices when you are away, will also ensure the habit remains intact when it’s time to return to the office or when bringing your devices to other public spaces.
Avoid public, unsecured WiFi networks
Working remotely can essentially mean “anywhere but the office.” With that in mind, employees will all be connecting to their own WiFi sources, wherever they may be. It is important to be wary of WiFi networks that are not protected by a password and located in public spaces, such as coffee shops. Unsecured, public WiFi networks are ideal spots for cyber criminals and other bad actors to spy on internet traffic and steal confidential data.
If you find yourself in a situation where a secure WiFi connection isn’t available, consider creating your own through hotspot functionality on your smartphone. Although data will still be unencrypted between the hotspot and its destination, it does reduce the possibility of cyber criminals stealing from or spying on you when using the same public WiFi network.
Double-check: Is your WiFi network “password protected” at home? If not, consider adding one. Operating an unsecured network at home is as risky as utilizing a public network in a coffee shop or other related setting.
Implement multi-factor authentication
One of the best methods of cyber attack prevention, many wish they had enabled multi-factor authentication before a data breach occurred. Stay ahead of cyber criminals and their activity by adding a second layer of defense to your accounts today.
How does it work? After inputting your password, you will be sent a code (usually numeric) to your recovery email address or smart device. Only after entering this code on the sign-in page will you be granted access to the account. This functionality is widely available on social media platforms, email clients, banking software, and other mediums where sensitive data is stored or transmitted.
Did you know? Microsoft believes that multi-factor authentication can prevent over 99.9% of account compromise attacks.
Separate work and personal hardware
Since you won’t be able to leave your work laptop at the office, there is a good chance it may also become a convenience item after-hours. Instead of grabbing your personal laptop, you may consider online shopping, paying bills, or even letting your kids play games on it. By doing so, you may be putting your organization’s security at risk.
Of course, the situation is a two-way street. Personal devices should not be used for work matters unless certain safeguards are in place. This is mainly because replicating cyber attack prevention measures on these devices may not be possible. Missing security features could include VPN services, dedicated anti-virus software, endpoint protection, and encrypted drives. Consulting with an IT professional before allowing personal device use for business matters is highly recommended.
The bottom line: Cyber Attack Prevention Begins with You
Working remotely tends to blur the lines between our 9-5 schedule and our personal lives. Business is being conducted over home WiFi networks, where other housemates are sharing routers, printers, and more. This trend looks set to continue. For instance, in a survey of U.S. executives and office workers conducted by PricewaterhouseCoopers, it found that a permanent flexible workweek has good support. 83% of office workers want to work from home at least one day a week.
With the onset of these new trends in work, there must be an emphasis placed on cyber attack prevention. Small business owners are encouraged to set up cyber security training sessions with employees, who often act as the first line of defense against potential cyber-attacks. With so much to lose, presenting basic tips, such as the ones outlined here are valuable first steps in learning how to mitigate cyber security risk.