Remote Working Security
Staying Safe Out of the Office
Amongst the many lessons learnt so far this year, one of the most apparent is the necessity for businesses to be able to swiftly adapt to new working situations.
With a sizable percentage of work now being performed remotely, and for many, a return to work on the horizon, it is now time for us all to take what we have learnt, and to apply those lessons moving forward.
Remote Work Security Post-Covid19
Undoubtedly, many of us have learn new skills. Whether that is video conferencing etiquette, or how to properly set up a virtual privacy network (VPN), it is time to ask: what are the remote work security lessons that can be applied elsewhere?
Top 3 Information Security Lessons
Wi-Fi Security
With internet usage at its highest recorded, there are many of us the rely entirely on our Wi-Fi for remote work. Though many of these are private networks, that does not necessarily mean that these are secure networks.
As with public Wi-Fi networks, we should all understand the dangers inherent to unsecure networks and take the time and steps necessary to protect our, and our organisation’s information.
This includes:
- Ensuring the network is using the strongest encryption available
- Disabling Wi-Fi protected Setup (WPS)
- Making use of MAC address filters, and
- Changing default usernames and passwords.
By following these steps and hopefully having become a little more self-reliant, upon our gradual return to non-remote work, we can apply the information and cyber security skills
A more detailed guide to staying safe on Wi-Fi, check out our blog: Top 5 Wi-Fi Safety Tips: The Guide to Staying Secure
Phishing Attacks
With the upsurge in coronavirus related phishing attacks, for those in a remote work environment, there is a renewed emphasis on the need for spotting and avoiding phishing attacks.
As communications now increasingly electronic and data being likely more diffused, the danger of users increasing their willingness to click on emails should be a concern for all organisations.
Like always, there a simple and easy to understand techniques that can be used to spot phishing emails, regardless of if you are working from home, or, as you may soon be, back at the office.
- Be suspicious of subjects which are attention grabbing or ‘urgent’
- Double check an email address for legitimacy
- Be extremely wary of attachments, particularly .EXE files, and
- Always check where a link is pointing before clicking.
Though all these steps may sound obvious, around 22% of all breaches still involve a phishing element.
Remember, regardless of the danger any phishing email represents, it can only require one mistake to potentially compromise an entire network.
For a more detailed guide to spotting phishing emails, check out our blog: 4 Ways of Recognising Phishing Attacks in 2020
Device Security
Remote work security is not just about the digital, and at time when our behaviours and habits are required to change, we should be especially careful regarding the physical security of our devices.
Much of the time, under normal conditions, a great deal of sensitive and organisational material will remain locally stored somewhere with security and a team dedicated to its protection. Though more and more, with mobile device and remote work, we are required to take our work with us.
- Ensure devices are properly encrypted and password protected
- Never leave a device unattended
- Avoid transporting particularly sensitive or unnecessary information
- Have remote wiping capabilities in place.
Again, with these responsibilities falling upon the individual, it is vital that the lessons learnt from this experience, are not simply forgotten when the situation begins to return to normality, and remote work security becomes part of a wider security culture.
Security Awareness for your Organisation
Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.
Featured
Who Regulates the Data Protection Act?
Who Regulates the Data Protection Act? Data Protection Blog by Information Security Awareness Training provider Hut Six Security
NHS Email Accounts Compromised in Phishing Attack
NHS phishing attack sees email accounts compromised as part of an attack targeting a wide range of organisations Blog by Hut Six Security.
Who Enforces the Data Protection Act?
Who Enforces the Data Protection Act? Principles, Protections and Penalties. Blog by Information Security Awareness Training provider Hut Six Security.
How Secure is Your Password Process?
How Secure is your Password Process? Password security blog from Information Security Awareness Training provider Hut Six Security.
Who Does the Data Protection Act Apply To?
Who Does the Data Protection Act Apply to? Blog by Information Security Awareness Training and phishing simulator provider Hut Six Security
Why Social Engineering Works
What Social Engineering Methods do attackers use to get your personal information? Blog by Information Security Awareness Training provider Hut Six Security
What Year Was the Data Protection Act Introduced?
What Year Was the Data Protection Act Introduced? - 2018, however it has seen some changes as enforcements have increased.
How Does the Data Protection Act Protect your Rights?
How Does the Data Protection Act Protect your Rights? Blog by information security awareness training provider Hut Six Security.
How a Ransomware Attack Works
Knowing how a ransomware attack works is the key to avoiding them and the damage they can pose to your organisation. Blog by Hut Six Security.
Hut Six Staff Snippets: Handling Sensitive Information - Hut Six
Luke talks about his favourite Information Security tutorial, Handling Sensitive Information. Information Security video by Hut Six Security.