Between the growth and refinement of cloud-based SaaS software, rising inner-city property prices in metropolitan areas around the world, progressively more affordable high-speed internet, and international team composition and collaboration, remote working has experienced a tremendous growth over the past decade.
What was a steadily expanding trend received an unexpected boost during the past year, with the coronavirus pandemic further necessitating the ability for workers to work from home. Statista reported that as of April of this year, 67 percent of organisations declared a rise in their spending on teleconferencing software.
Moreover, research and advisory firm Gartner found that 36.74 percent of companies have drawn up concrete plans to make some of their employees permanent off-site workers, with roughly 25 percent of the involved participants stating that one in ten of their employees will be working remotely on a permanent basis.
Naturally, the pandemic has brought on a rapid adoption of remote working practices, with the European Commission reporting that upwards of 50 percent of remote workers in many European countries had zero previous experience in working from home prior to the pandemic.
In addition, Eurofound reported that close to 40 percent of European citizens currently working from home on a near full-time basis are doing so directly because of the pandemic.
Further to this point, the Joint Research Centre (JRC), the European Commission’s science and knowledge service, has found that approximately just 15 percent of employed people in the EU had ever worked from home before the pandemic, stating that they are “in all probability, facing challenges in dealing with the sudden shift to telework”.
Best Practices for Employees
While the key share of the responsibility for maintaining a high level of cybersecurity lies with the organisation, employees and other users within that ecosystem must also do their part, particularly when it comes to situations where the user is working remotely.
Secure home network and WiFi
Users working from home have no other choice than to use their local network. Users must take all available steps so that this connection is as secure as possible. This can include changing the name of your default network, putting a strong and unique password in place, activating network encryption, turning any wireless routers off when leaving the house, disabling remote access, and more.
Separate personal/office devices and use each one for intended purpose
Using a dedicated laptop and mobile device for corporate use can allow the organisation to better safeguard the data used on each device, while at the same time decreasing the likelihood that your office device will be stolen, since they can be left at home or the office when not in use. Personal devices tend to travel more, as well as encourage more casual use from their owners.
Lock and password protect your devices
While no one enjoys the additional steps it takes to unlock a laptop or mobile device, it is crucial that all devices are password-protected and locked when the user is away from them. A user cannot trust that any stranger or malicious actor will not act on the opportunity to steal and manipulate an unlocked and unprotected device.
Lock room and log off
If you’re working from a specific room inside the home, it is best that you lock the door to that room the moment you leave it, particularly if you’re leaving the house altogether. Preventing physical access to the device is a critical aspect of keeping it secure and safe from any external entities. Moreover, logging off from any corporate devices can ensure that no one can gain entry to a device that has already accessed a secure network or already has access to locally-stored sensitive data.
Switch off voice control on devices
While voice recognition can be a useful feature in certain scenarios (e.g. while driving), it can also be a security threat. Voice identification provides an additional avenue for malicious actors to gain access to your device or have it behave in a particular manner. A device can be tricked to believe that it is your voice commanding it to unlock or send an email. Switching voice control on all devices can help increase security.
Be aware of phishing attacks and suspicious emails
This may be something a user can become better at with years of experience and IT literacy, but users must be conscious of phishing attacks and emails originating from malicious entities wanting to gain access to your data, personal information, user account or financial information.
The malicious entity might pretend to be a friend, partner, colleague or anyone else who you would feel inclined to share anything private with. Sometimes just the act of opening a suspicious email may be enough to trigger an attack so users must remain extremely vigilant in this regard.
Avoid public WiFi
As difficult as it may be, users must try to avoid public networks when using their office devices. A hacker can exploit such networks and intercept data between your device and the connection point that you are using. The hacker can then forward this data to whatever device or secondary entity they choose to. A way to avoid using public networks is through the use of a corporate mobile account and then tethering your office laptop with your corporate mobile phone.
Avoid the use of unknown USB drives
Do not use any random or unknown USB drives as they may contain malware and other dangerous software that can spread to your device and network, at times without you knowing that this is the case.
Use a firewall and antivirus software
This is the bare minimum but must be stated explicitly. Do not turn off your device’s in-built firewall and always have a modern, up-to-date antivirus software installed on your device.
How Boltonshield can help
Boltonshield has the knowhow, expertise and experience to help your organisation design and build an information security operations centre (SOC) from the ground up. A state-of-the-art SOC can help your organisation monitor, evaluate and protect your enterprise systems, including your servers, data storage devices and data centres, web site(s), databases, and applications.
Also, Boltonshield can provide your organisation with terminal servers which can be used by remote workers. A terminal server can provide a safe, secure and remote working environment, access to organisational resources from wherever they are, as well as a singular point of both entry and maintenance which can be more easily monitored and managed. Get in touch with us to learn more how we can help you!
If you want to get updated about our recent publications about cybersecurity related topics, subscribe to our newsletter!