With the advent of the Corona Virus pushing the UK workforce to ‘don’t panic, carry on from home’. BluescreenIT's BIT Security SOC Cyber Analyst Craig Harris has the following advice to reduce the likelihood of criminals taking advantage of the situation to scam you and your business while you set up and work from home.
Using a secure network through VPN
Using a secure network will greatly increase the security and integrity of your work within your home. This can be achieved by using a VPN service, most enterprise businesses may have an internal VPN server that employees can connect to access the business network, a prime example of this is CISCO AnyConnect. No need to worry if there isn’t a VPN in place, there are plenty of VPN services available online, such as ProtonVPN, ExpressVPN to consider, but a necessary tool in your fight against cyber attacks.
SaaS (Software as a Service)
Using cloud services, such as Microsoft Teams, SharePoint and Google Drive is a great way to keep your work secure when working from home, it also allows to stay in contact with the rest of your team through instant messaging features like within Microsoft Teams. Cloud services only acquire internet access and credentials to use and if you want to better extra security minded you could use a VPN to connect to the cloud. Some cloud service may come included with your package, but most are available to buy on a monthly subscription.
Change Your Routers Password
Make sure you change your routers password. When you receive your router from your ISP, it come with a default password that hackers may be able to crack, its recommended that you change this password to something more secure by going into the routers config or accessing through a web browser by entering its IP address.
In this day and age passwords need to be complex and unique to keep your accounts secure. Your business may have a password policy in place, but what makes a good password policy is the variety of characters, numbers and special characters that must be used. A strong password or passphrases should always contain at least one or more capital letters, numbers and special characters. It is also bad practice to use the same password for more than one account as a hacker would only need to access to one account to gain them all.
You can also set up two-factor-authentication (2FA) to add an extra layer of security. 2FA works by linking a phone or email and even in some cases an app like Google Authentication, which provides you with a code, normally in a 6-digit format which you enter on first login.
Securing Confidential Information
If you’re working with confidential information in paper form, make sure that you have a safe place to store it after you’re finished and don’t leave it in plain sight when you’re not in close proximity. If you’re working in digital form, make sure that you are saving any changed in the correct file location and if you need to send any data to other employee’s or clients make sure it’s encrypted. If you ever do step away from your workstation, you should always lock it with Windows key + L.
As always you should remain vigilant, and think twice about everything regarding your emails, especially anything related to Coronavirus. Ransomware through Phishing emails has risen 95% in the UK since 2018 alongside other malware attacks.
To support organisations working remotely, BluescreenIT training division can offer you a 90 day free access pass to CertNexus Cybersafe online training programme for organisations looking to train their users in cyber safety at home.