Scott Lester, Cyber Lab Manager, 6point6
Cyber security is at its most important in times of change. There are currently masses of people working from home during these unprecedented circumstances. Owners of all businesses now face the challenge of maintaining their organisation’s cyber security, as their IT-dependent employees log on remotely to keep the engine running. Whilst the unfamiliar environment presents weaknesses, there are clear steps that companies can take to shore-up their defences for the future.
- Layer your security
Single-step log-in procedures leave the business and the employee vulnerable to attack – multi-factor authentication (MFA) is the answer. MFA requires users to verify their identity via an additional piece of information, such as a one-time code, before logging in. By adding or enabling this extra phase of security to any platform or application that workers use, your user accounts are protected against cyber attackers who target passwords.
A password manager can bolster this protection. By creating unique credentials for each log in, the passwords and logins are stored and encrypted in a virtual safe. This helps employees maintain strong, random passwords for their different accounts.
For newer SMEs and start-ups seeking cost-effective security solutions, these products should be a first port-of-call. Many online services and tools often include MFA as a part of their package. Both options are friendly to smaller budgets, and work to reduce the risk of employees being hacked, therefore sustaining the business’s security.
- Ensure network security and device security
With few employees working on a company network, network security is more important than ever.
Businesses can put a Virtual Private Network (VPN) in place to provide blanket security for all network traffic. Staff can boost an organisation’s and their own security from their own home by changing their router passwords to not use default values. Simple steps such as changing router passwords to not use default values, conducting frequent virus scans of each device, and regularly updating software helps to make sure that everything is sufficiently protected.
- Make the workforce aware of cyber threats
Employees should also be made aware of the threats, and how cyber criminals will look to exploit businesses at this uncertain time. Cyber security awareness training can help workers identify when they are being targeted, and make them more familiar with internal security reporting procedures.
It is crucial that businesses communicate with their staff and update them on cybersecurity policy and best practice. Remote working requires Acceptable Usage Policies and BYOD equipment to be as secure as possible, so organisations should ensure they have addressed this in a way that allows staff to help themselves as much as possible.
- Tighten-up video calls
Third-party invasion of video conferencing calls has been a well-publicised and unfortunate trend during the current lockdown. Considered security procedures should be implemented in order to protect meetings from gate-crashers.
Whilst hosting video conferencing calls, the meeting must be kept strictly in the knowledge of attendees only, and a password should be created for entry. The meeting’s organiser can also take a register of who joins the call, and then monitor who is present throughout.
- Streamline your IT demands
The chaotic nature of this unprecedented situation means an organisation’s IT team will be receiving some heavy traffic. This is to be expected, and there are numerous technical hurdles to negotiate when facilitating a transition to remote working. This also makes IT teams more essential than ever to the smooth running of a company. A business can ease any complications by holding back on unreasonable requests and should look to install a refined process for staff contacting the IT team, for example by categorising queries by their urgency and mediating their flow to the team. If the entire workforce subscribes to a system like this, the IT team will be better placed to perform its crucial function.
It is also essential to avoid pressuring the IT team to compromise on security measures in favour of practicality. When IT professionals resist a proposal or request, this will be backed-up with sage reasoning, and they need to be trusted.
- Understand the perils of WFH
The COVID19 crisis has placed people on unfamiliar ground. Indefinite remote working makes it difficult to balance personal time and work, and harder for staff to switch off from their job. Business leaders should be understanding that systems of collaboration will not be as immediate in the current climate, as staff adapt to this new working environment. Embracing a flexible culture and anticipating that employees could be balancing issues outside of their job is important in this chapter.
It all boils down to teamwork. Pulling together and supporting each other is critical as companies attempt to navigate the complications of the global pandemic. Organisations can move to protect their futures by trusting their IT teams, empowering them to introduce policies that create security and vigilance across the entire workforce. Combine this with installing effective cybersecurity solutions, and a business is set to thrive in this unfamiliar landscape.
