Cyber Security & Homeworking – What’s the Risk?

December 17, 2020

Comments

Cyber security has become one of the most important parts of the day-to-day operation of an organisation, and with more and more people working from home, it’s important to keep on top of the risks you’re exposed to.

 

Preventing Cyber-attacks on Remote Employees

For many organisations, the COVID-19 pandemic has solidified remote work as a new operational standard, and until we start working to get back into offices and workspaces, employers should expect this trend to only grow in the future. In fact, many major companies, such as Twitter and Microsoft, have indicated that remote work will be an indefinite option for their employees.

While this is beneficial in many ways, remote work also comes with unique challenges, namely, cyber-security. This article discusses some cyber-security risks that remote employees face and offers potential solutions.

 

Cyber-threats to Monitor

Hackers have been assaulting businesses since computers became a staple of day-to-day life, and are always trying new methods of gaining critical information. Depending on the size of the organisation, it may receive dozens or thousands of hacking attempts each day. These attempts are typically brushed aside by IT security teams and firewalls. However, with employees working from home, those protections aren’t as guaranteed.

The following are some of the most common cyber-threats facing individuals:

  • Phishing and vishing

Phishing is an attempt to gain personal information, such as computer passwords. Hackers and scammers will impersonate a legitimate company and send fake emails to solicit this information, typically with a phoney threat, or by falsely identifying themselves as part of the company.

Vishing, or voice phishing, takes this process a step further. This is when a scammer spoofs a legitimate phone number (from within the organisation or otherwise) and poses as part of the company. Whilst vishing attempts are a recent trend, they are increasingly prevalent. Employers should review existing cyber-security policies to directly address vishing.

  • Malware

Malware is a type of computer virus that is typically disguised as an innocuous program, email attachment or link. These viruses infect computers and can do any number of tasks, typically hidden to the user. For instance, they might store password data, track website activity, or download personal files.

  • Brute force attacks

Brute force attacks are when hackers try logging into someone’s account many, many times. These attempts work most often when individuals reuse usernames and passwords across different accounts.

 

A hacker may expose the information to one account, then use those credentials everywhere else they can think of, eventually gaining access.

These cyber-threats are made worse when employees are working from home, especially if they conduct business on personal devices or don’t connect to a secure network. That’s why it’s important for employers to proactively address cyber-threats with their remote employees.

 

Protecting Remote Employees

There is no single solution to avoiding cyber-security threats. But there are key steps organisations can take to protect their employees and critical data. Below are some of them.

  • Behavioural analytics tracking software

This is software that monitors each individual’s computer habits. Since hackers can impersonate an employee, it’s hard to detect when someone’s credentials have been compromised. With analytics tracking software, the program would be able to spot when a user is displaying abnormal computer usage. This will depend on the individual, but it may include accessing certain files or transferring large chunks of data.

  • Automated threat detection software

This software is like antivirus programs found on many computers by default. It can scan files and detect malicious programs automatically. Automated threat detection software often pairs with other efforts, such as behavioural analytics.

  • Comprehensive work-from-home guidelines

Using personal devices to conduct business is an easy way to compromise usernames and passwords. Employers should set clear guidelines regarding acceptable technology to use (often a work-provided laptop) and work locations. For instance, cafes may be off-limits because they often have unsecured networks.

  • Employee education

Education and training are perhaps the best protections against cyber-threats. Employees should know basic cyber-security tactics, such as how to spot a phishing email, how to recognise a scam caller and how to report a potential security breach. They should also be instructed to not reuse login credentials, especially between work accounts and personal accounts.

 

Employee education is especially important, as hackers and scammers become more sophisticated each week. Employers should keep an eye out for new scams and alert employees as needed.

As with any successful initiative, cyber-security protocols must be observed by all stakeholders within an organisation. That means educating everyone, from the top down, about how to protect themselves and their workplace from cyber-threats. If even a few individuals go without proper training, the entire organisation could be compromised.

As the business world becomes more connected, cyber-threats will get more sophisticated and commonplace. Start educating employees about cyber-security today to better protect your organisation.

 

Cyber Liability

Related Posts

Industry-Specific Cyber Risk Analysis and Cheat Sheets

Industry-Specific Cyber Risk Analysis and Cheat Sheets

Please find our industry-specified risk assessment forms at the bottom of the page. Cyber Insurance is one of the most important things an organisation can cover themselves against in todays world. Here, we look at the common risks a company could be exposed to, and...

Commercial Legal Expenses: How it can help you

Commercial Legal Expenses: How it can help you

Despite proper risk management practices, even the most successful and prepared organisations can find themselves suffering from the consequences of a legal dispute. Here we look at just how essential Commercial Legal Expenses can be.   Commercial Legal Expenses...

Commercial Underinsurance: Risks, Examples and Solutions

Commercial Underinsurance: Risks, Examples and Solutions

Given the financial impact of 2020, it’s more important than ever to check for overinsurance and underinsurance, especially in the commercial insurance world. Here, we look at the contributing factors, and potential consequences of incorrect insurance sums insured....