Remote working—staying safe online

Get a free consultation
Health Assured Logo

Health Assured team

19 October 2020

With the coronavirus changing many business practices, and shifting them more and more toward remote/flexible working, some new dangers have been introduced to some organisations. The shift to working from home was a sudden, massive change—one which was difficult if not impossible to prepare for.


Not everyone is computer-literate. Even those who are can make mistakes. And outside of the office, it’s difficult for your IT department to maintain and police every employee’s network.


Luckily, there are some basic steps employees can take when working remotely that will encourage cybersecurity best practice, and keep everything safe and secure:


Provide equipment: this is super important, especially if your people work with anything sensitive. Work data should remain on work computers, if possible. While it may seem like a massive outlay to provide everyone with a laptop, you should weigh this up against the potential issues of a data leak.


Encourage care: after you’ve given people the equipment they need, be sure to strongly emphasise the care they need to take with it. Leaving a laptop in a car, for example, is a big no-no—even if it’s in the boot, or just for a few minutes. Criminals are nothing if not opportunists, and just a moment of inattention can expose potentially sensitive data to theft. Make sure home doors and windows are locked. Care is the watchword.


Use encryption: maybe a little complex-sounding, but it’s truly easy for everyone to do. Encrypting stored information means keeping it in a format which cannot be read by anyone else, or any other computer, without the password needed to decrypt it. There’s plenty of software out there that can do this for you—some of it is even free. This, of course, brings its own problems—if you forget the password, you can’t get your data back! But, for sensitive data and documents, you should certainly emphasise that encryption is key.


Aim for phishing awareness: ‘phishing’ is an attack where malicious actors pose as something they’re not, in order to gain information. You’ve probably seen emails from ‘Facebook’ asking you for your password, or your bank details—these aren’t from Facebook at all, rather someone pretending to be Facebook in order to steal your information.


While it might seem like a very simple thing to avoid, phishing attacks are constant. Your email spam filter likely catches most, but a few will slip through the net—and even veteran IT professionals sometimes fall foul.
There are some free resources you can use to make yourself and your employees more aware of phishing attacks, and how they work—this is something everyone with an internet connection should look into.


Stay updated: usually, your IT department takes care of keeping equipment up to date, with the latest software and patches. But remote working can throw a little bit of a spanner into those works. After all, not everyone understands how an OS works. And that’s fine—you don’t need to fundamentally understand how an internal combustion engine (or a hybrid—it is 2020!) works in order to drive to the shops.


But security updates and patches are vital to smooth functioning of work computers. Especially as a computer lagging behind in updates can be seriously, critically vulnerable to attack. Send out regular communications about computer updates, and have your IT department set up equipment to update automatically, if possible.

 

These tips are just a basic overview. But following them, and using common sense (for instance, telling people not to view adult content on a work computer...) will keep you—and your company’s sensitive data—a lot safer online.

Make your enquiry

Please complete the form below and we'll be in touch to answer your enquiry

Book a place on this workshop

Get a free consultation

Please complete the form and we'll be in touch to schedule your free consultation

An error occurred

We appologise but an error has occurred submitting your form. Please try again.