Coronavirus, Self-Isolation and Work From Home Security
Mar 20, 2020
As governments across the world struggle to contain the COVID-19 virus, businesses are being asked to allow their employees to work from home. For many people this will be the first time they have ever been able to work remotely – which could cause some serious IT security headaches for their employers.
Cyber criminals are aware of the rush – and the potential for mistakes that could let them break in. Which means you have a part to play in protecting your employer. Here’s a few tips to get you started.
Email malware is set to increase
Email is already essential for business communications. For many remote workers it will become the primary way by which they share information with colleagues.
In the coming weeks you should expect to see an uptick in fraudulent emails. Many will have malware attached, waiting to infect your computer. Some will be subtle phishing messages, designed to steal your passwords and other sensitive information.
Malware is particularly dangerous for home workers as most people will be using their own (personal) computers. These machines will not have the same security safeguards as the one they use in the office, making them less secure. If your home PC is compromised, hackers can use them to attack your company network from the inside.
You can do your part to prevent malware problems by learning to spot the signs of a fraudulent email. You should also ensure that you have an effective anti-virus installed on your computer – talk to us about sufficient protection today.
Social engineering attacks
Because the rush to adopt remote working has been so rushed, many employees will not have been properly trained in the usual protocols and procedures that protect the business. This makes them more vulnerable to social engineering attacks.
Social engineering is very low-tech – and very effective. Typically a scammer will make contact by phone or email, pretending to be a colleague, like an IT helpdesk operator. They will then ask for sensitive information, like login credentials which allow them to break into the company network.
You should always take a moment to think whenever someone asks you for sensitive information. No matter how much the caller tries to pressure you, if you are in any doubt, do not give them the details. Your employer would rather you play it safe and create a delay than give cyber criminals easy access to company resources.
Take it slow
Getting used to remote working may take a little longer than expected. You are effectively on your own, doing many of the IT security tasks that are normally handled by the IT department. In these unusual circumstances it will take you a while to achieve maximum productivity.
Cyber criminals are aware of the rush – and the potential for mistakes that could let them break in. Which means you have a part to play in protecting your employer. Here’s a few tips to get you started.
Email malware is set to increase
Email is already essential for business communications. For many remote workers it will become the primary way by which they share information with colleagues.
In the coming weeks you should expect to see an uptick in fraudulent emails. Many will have malware attached, waiting to infect your computer. Some will be subtle phishing messages, designed to steal your passwords and other sensitive information.
Malware is particularly dangerous for home workers as most people will be using their own (personal) computers. These machines will not have the same security safeguards as the one they use in the office, making them less secure. If your home PC is compromised, hackers can use them to attack your company network from the inside.
You can do your part to prevent malware problems by learning to spot the signs of a fraudulent email. You should also ensure that you have an effective anti-virus installed on your computer – talk to us about sufficient protection today.
Social engineering attacks
Because the rush to adopt remote working has been so rushed, many employees will not have been properly trained in the usual protocols and procedures that protect the business. This makes them more vulnerable to social engineering attacks.
Social engineering is very low-tech – and very effective. Typically a scammer will make contact by phone or email, pretending to be a colleague, like an IT helpdesk operator. They will then ask for sensitive information, like login credentials which allow them to break into the company network.
You should always take a moment to think whenever someone asks you for sensitive information. No matter how much the caller tries to pressure you, if you are in any doubt, do not give them the details. Your employer would rather you play it safe and create a delay than give cyber criminals easy access to company resources.
Take it slow
Getting used to remote working may take a little longer than expected. You are effectively on your own, doing many of the IT security tasks that are normally handled by the IT department. In these unusual circumstances it will take you a while to achieve maximum productivity.
In the meantime you must ensure that you are working as safely as possible. If you have any questions on keeping yourself cyber secure while working from home, get in touch with us today, we'll be happy to help.
Keep an eye on the JC Cyber Security blog for more tips and tricks in the coming weeks. We are in unprecedented times, but by working together - we can get through this! Remeber to stay safe both physically and digitally.
Follow Us
Be the first to know
You might also like
‘Hacking’ refers to activities performed by a threat actor (a ‘hacker’) that seeks to compromise digital services, such as computers, smartphones, and networks. Hackers are usually characterised as only being unlawful, motivated by financial gain, information gathering, or even just for the thrill of having a challenge.
Penetration testing is a form of an ethical hacking simulation conducted in accordance with industry guidelines, which aims to closely mimic real-world targeted attacks that organisations face daily. By actively testing your organisation’s defences, you can understand your security posture while also improving your defences, reducing the likelihood of experiencing a cyber-attack, ensuring confidentiality, integrity, and availability
A penetration test ultimately seeks to answer the question “How effective is my organisation’s security controls against a skilled human hacker?” while determining the security posture of your organisation.