In the last few months, the 'working from home' scenario has become quite common, and it is probably safe to say that it will be the norm for many of for the next few months at least.
For some, it may have taken a bit of adjusting; others perhaps always had a home office arrangement. Either way, under the current circumstances and with cyber criminals taking full advantage at the moment, we wanted to highlight some of the vulnerabilities home working can expose, not just for your employees but for your systems that they may be accessing whilst working remotely.
These are the most common bad practises that are happening more now than ever before.
For work meetings and for keeping in touch with people for sheer sanity during the current lockdown period, you may have downloaded applications such as Zoom or Houseparty. These apps are great in their function and keeping us connected but their security has been brought into question. Especially with Zoom recently as it has been shown that although this is a great app, it's security hasn’t quite been up to scratch
It’s essential you protect your data by making sure your key business applications, such as Gmail and Office 365, use complex passwords unique to these applications only. Where possible, you should also consider 2-factor authentication: You can never be too protected.
You have to remember that if anyone gets hold of your Google account access, you can be in a world of pain - all it takes is the search 'https://passwords.google.com/' and they will suddenly have access to all the passwords you have saved on the many sites you use. 2-factor authentication is not just a nice to have, but is really a necessity.
EQUIPMENT THAT HAS SEEN BETTER DAYS
Many businesses have been struggling to acquire a sufficient number of laptops to allow all of their team to work at home. However, the worst thing you can do is reach for that dusty old laptop packed away in the loft.
Old equipment runs old operating systems. End-of-life systems like Windows-7, are no longer supported with security updates, leaving them wide open with loopholes hackers can easily exploit. Plugging in a Windows-7 PC or laptop at home and connecting via a VPN, is the same as plugging it in directly onsite, posing a huge risk to your entire business network. ensure your employees do not do it. Safer or better to invest in up to date kit than take the risk.
ANTI VIRUS SOFTWARE
You will probably find that on a day-to-day home PC, the security installed is great for the odd bit of surfing or Ebay browsing, but is often substandard for business use. If you or any of your team are using personal PCs or laptops whilst working from home, it’s important to understand that any connecting device that is not running sufficient anti-virus software, is a weak link in your network security. Ensure your team know the risks involved, flipping from a potentially unsecure site to one of your business systems on the same browser is all that is needed to give you an almighty headache and explaining to clients. Hackers and virus's are clever and this lockdown and WFH situation is giving them ample time to practise their skills.
Much like the anti-virus weakness, unpatched home working equipment poses a huge cyber security risk. If an unpatched user is compromised, dangerous malware or ransomware could spread like wildfire through your business, encrypting all your data and rendering it useless.
Make sure your patch management solution covers all remote clients and prompt your team to have their automatic updates on.
Familiarise yourself with the common cyber threats to look out for during the COVID-19 pandemic, such as Smishing (Dodgy texts) and Phishing (Email Scams)
If your business doesn’t operate fully cloud-based systems and you and your team members are connecting using a Virtual Private Network (VPN) instead, your need to ensure your firewall needs is A+. Non-industry-leaders can provide solutions but these often cut-corners on your security.
Ensure your firewall is up to the job of offering high levels of encryption between home connections and your head office – you can’t afford to compromise. At Systems Integration we have the knowledge of the level of security that is needed to run these systems, so please feel free to ask for advice.
At Systems Integration we offer more than just IT Support, but we are committed to helping our current and future clients be aware of the risks when it comes to tasks such as working from home. So if you or your business have any concerns in these troubling times, please get in touch and ask - we are more than happy to help.