There’s no denying that home working brings with it lots of quirks.
And during lockdown, we’ve read many amusing stories about people’s experiences – such as children and pets making an unscheduled appearance in the background on important video calls. But the one where a toddler amassed a £20 Deliveroo bill for onions was one which not only made us giggle, but also got us thinking about device security…
Your office set-up at home isn’t the same as at work. While you may – or may not – have a designated desk space for your computer, laptop and phone, there’s still the issue of device security and keeping them up to date when away from the ‘normal’ work setting.
While ‘turning it off and on again’ may rectify some pesky system issues, unfortunately the same can’t be said for keeping IT equipment secure from neither online shopping toddlers nor opportunistic hackers.
Here are some of the key ways your employees can help to keep their devices protected.
- Recognising the power of passwords and auto-locking
Whether it’s a mobile phone, laptop, computer or tablet, it’s important that when you’re not using it, access is secured behind log-on credentials.
This elementary step plays a pivotal role in ensuring unauthorised users aren’t able to get their hands on the company’s confidential documents and sensitive data.
It goes without saying that each password should be different for every device you have, as this helps to make it more difficult for hackers to intercept information.
We’ve spoken about passwords before and how to develop a technique to both create and remember them – ensuring your credentials are tough to crack should any cyber criminal fancy attempting to hack your equipment.
But, it isn’t just a password that acts as a stumbling block for cyber fiends, locking your device is equally important! It might also be worth turning off the ‘auto-fill password’ option too.
If you’re popping away from your computer to make a brew or walk the dog, a simple ‘CTRL + ALT + DEL’ command brings up a screen which offers the ‘Lock’ option. This leaves all your programmes and tabs open but logs you off, so that to pick up from where you left off, you need to re-enter your password.
Additionally, when it comes to mobiles, make sure that, depending on the capability of your phone, you enable either a passcode, fingerprint or face-recognition technology setting to gain access.
You can also control the time it takes for your device to auto-lock – the shorter duration, the better the security – and this is super-important. It not only prevents accidental, yet costly, onion bills, but it also means that if your phone is stolen, it’s harder for a thief to access your info.
- Understanding the importance of updates
No matter the operating system – Windows or Mac – your computer, laptop and phone relies on regular updates to maintain robust security and a high performance.
While it’s all too easy to click ‘remind me later’, how many people actually remember to go back and enable the updates?
But this delay in system maintenance plays a crucial part in the end-result, regarding the user experience and security.
For instance, you might feel frustrated that your device is operating sluggishly, but this could indeed be down to a lack of technical ‘MOT’. Of course, if it’s not a good time to have an update taking place, the pop ups on your computer/laptop should always allow you to schedule a more convenient time when you’re away from your desk.
- Ensuring your Wi-Fi is secure
When working from home, employees will either be connecting to their work system via an encrypted Virtual Private Network or they’ll be using their personal broadband. However, one thing they must not do is try to connect to unsecure public Wi-Fi hotspots.
While the reopening of some of the nation’s eateries and coffee shops is allowing people to get their food and caffeine fixes, it shouldn’t be used an internet solution. A lot of the time, these connections aren’t encrypted, meaning that once you connect to them, you’re allowing hackers to potentially access your device and intercept all your sensitive data/passwords.
It might be worth the coffee, but it’s just not worth the risk.
- Enabling two-factor authentication
This is an extra layer of protection which helps to ensure that accounts are only accessible by authorised people.
Essentially, it means that a user has to ‘identify themselves’ via two methods – a username and password as normal, but also another piece of information which is something you have or something you are.
This can range from security questions, personal identification numbers, bespoke codes, credit cards or iris scanning – to name only a few examples!
- Never underestimating the power of cyber security training
We’ve said it before, and we’ll say it again, employees can be an organisation’s biggest cyber threat, if they’re not looped in about the dangers which are out there and how to spot them effectively.
Firstly, it’s pivotal that you help staff learn how to identify a fake email – there are many signs you can use to spot them too! You can also initiate, through the help of your IT support department, phishing simulation attacks. This sees monthly ‘test’ emails sent to staff to see how they’d respond – think of it a practice fire drill, helping to prevent any devastation in the event of ‘the real thing’.
This is a great tool to inform you which colleagues may need additional education and training.
Oh, and staff training doesn’t have to be dull, it can be in the form of mini quizzes – you could even introduce a little cross-departmental competition – which cover the common pitfalls and key warning signals.
However, the training can’t just be a one-off – no one becomes an expert overnight – because staff will then be more likely to lapse into old habits and forget the content. So instead, make sure you send regular updates – including weekly tips and updates on scams – helping them to protect themselves and the wider company against the cyber bad guys!
This is particularly important in the current climate, as with more people working from home, there is less opportunity to ask peers for their input – meaning there’s more room for error. And, when the team is busy, they may overlook basic checks. In fact, we’ve seen a huge rise in the number of ‘CEO impersonation’ scams – which use the CEO’s name but are sent from a third party, and often request the recipient to urgently transfer money.
Then, once transferred, the funds are often moved again and chance of getting the money back can be slim unless you can report the crime instantly. Definitely a situation to avoid.
If you have any questions about how you can keep your company’s devices safe in or out of lockdown, contact our friendly Q2Q team via phone, video call or drop us a message!