Safety at Work…From Home – Addressing Online Cybersecurity Issues Working From Home
Due to the Covid-19 situation, more people are working from home & spending more time online which may be a sign that there is more opportunity for hackers to strike.
Methods used by hackers may be like prompting you to click a link within an email, or some websites links like the ones you frequent. Although companies may have firewall or anti-malware protection installed in the work devices, your personal computer may not have the protection needed to fend off cyber-attacks as one factor of cyber-attacks are from negligent users who are unaware of the threats online exposing their company assets to attackers.
What are some of the employer’s concerns?
As working from home becomes inevitable, employers are concerned that with the information the employees bring home are being accessed outside of office compounds data leak is the highest priority of concerns by employers. So, what are some of the causes of such data leaks?
The first threat is phishing. With the rise of panic with the covid-19 virus the World Health Organizations have all warned the public of coronavirus-related phishing scams. With Cyber attackers exploiting the fear of the coronavirus to spam phishing emails posing as legitimate health organizations, prompting the users to click on links which can protect them with the corona virus resulting in users to be directed to a phishing site where they get their information stolen.
- Gossip (data expose)
As humans are social creatures, we tend to engage in small talks regarding work to our employees all the time! Employees like to talk. This is not an issue when confined in the premises of the office however, as we move to remote platforms of working employees need to adjust to the new culture of working from home, work talk should be limited to private or office spaces only as to prevent leaks from happening.
- Human errors
Most breaches are mainly due to human error. From employees leaving highly classified hacking tools on an open server, to a help desk employee resetting a password for an imposter, opportunities for such mistakes rise drastically when employees are working remotely. The only cures are simple. Employees must be trained to be aware of such methods of psychological attacks to prevent themselves from falling prey to these tricks laid by attacks.
- Using company device for personal use
We are all guilty of this, using our work devices as our second devices for more convenience but we should in fact restrict ourselves to the using company devices for personal use as some company devices are designed to work within the corporate network to cater to the specific needs of the individual user within the company. Therefore, by using company devices for personal use, we are risking the data from the work devices to be exposed.
What are some ways to mitigate?
To mitigate some of the risk posed to us while working from home, we will need to prepare a few precautionary measures in place to protect ourselves better from cyber-attacks.
- Multi authentications (2FA 3FA)
Multi-factor authentications are becoming a common thing in our daily lives such as banking and payments. By adding another layer of security to company programs of software it mitigates the risk of external parties from accessing the files. On top of that another advise would be not to share credentials between accounts therefore preventing a breach on multiple devices if an attack occurs. This way if protects the organization and its employees.
- Updated Cyber security protocols
Current cybersecurity policy needs to include remote working as this ensures that the policy is adequate as your organisation transitions to having people working outside of the office. They need to include remote-working access management, the use of personal devices, and updated data privacy considerations for employee access to documents and other information.
- Use work device for work only
Communicating with colleagues using IT equipment provided by the company as there are often a range of software installed in the background of company IT that keeps people secure. If a security breach or attack happens to an employee’s personal device, the organisation – and the employee – may not be fully protected.
- Cyber Security Awareness
Remind employees that they are the first line of defence against cyber-attacks. Reinforce to employees that you want them to doubt the legitimacy of emails, text messages, and social media chats to approach everything with caution.
In short working from home can be a safe environment as well if the necessary precaution measures are in place. We must all be aware and be vigilant to maintain a safe working environment even at the comforts of our own home.