Cyber security is as important out of the office as when you are working in the office. Learn what processes you can put in place to keep your data secure while working from home.
Wherever you are working, it's always important to be mindful of security. Some of the security measures that are in place at your workplace, may not be in place at your home.
You can check our current scam alerts for the most up-to-date information.
Here are some steps to follow to keep you secure while working from home.
Security policy.
The first thing you can do to ensure you can work securely from home is to check if your business already has security policy guidelines. If not, it’s important you or someone in your organisation creates a security policy that advises approved sites, programmes and apps that can be used.
This policy should also include email. For example, when it’s appropriate to share your work email address, only open email attachments from trusted contacts, how to block junk, scam emails, plus deleting and reporting suspicious looking emails.
By creating or sharing current security policies, you’ll become aware of the cyber security issues and threats you may face while working from home.
WiFi.
Only use trusted WiFi sources, such as your home network, rather than a shared space or public WiFi. Hackers can intercept traffic on public WiFi and even set up fake public WiFi, then read or change the data you're sending. They can also use this private data to hack bank accounts, share private data or hold you ransom for critical information.
If you don't have access to a trusted WiFi network, consider using your mobile data instead. Mobile networks are much harder for criminals to intercept, and with endless data plans now available you don't need to worry about running out of data.
Email scams.
According to CERT NZ, email extortion campaigns made up 50% of all scam and fraud incidents in the second quarter of 2019.
Be extra wary of suspicious emails when on your phone. If you weren’t expecting a particular email, ignore it and look at it once you’re on your laptop. Then you can easily hover over the links, and check the ‘sent’ address.
Currently there are a lot of COVID-19 communications being sent out from what seems like every company. Unfortunately criminals are using this as another opportunity to get to private business data. If you’re unsure if an email, text or any other communication is from a legitimate source, don’t click on the link or open the attachment. Contact the organisation via their official contact channels and ask.
Software updates.
One easy way to keep yourself secure at home is to keep your devices and anti-virus software up to date and run regular checks.
Set your system preferences to install any new updates automatically. Or the next time the update button appears on your screen, click ‘update’ to make sure you have the latest most secure version of the software, app or programme.
Virtual private networks (VPN).
Use a virtual private network (VPN) when connecting to your work’s network. This protects the company files and data you’re accessing from your home network.
Using a VPN means you don’t have to expose different servers on your network to the internet, and you can control remote access through one point.
Many businesses don’t expect their staff to work remotely at the same time when setting up their VPN system, so it is important to check the number of licences you have for remote access and scale up if need be.
Two-factor authentication.
Add another level of security to your business by enabling two factor authentication.
Two-factor authentication (2FA), is a security process in which users provide two different authentication factors to verify themselves.
This method relies on a user providing a password, as well as a second factor, usually a text code sent to your phone.
Two-factor authentication helps make sure that criminals can’t get in if they've guessed your password or stolen your login details. Make it mandatory when accessing email or banking services for example.
Device security.
Make sure you secure all work devices (mobile phones, laptops, tablets, even photocopiers) with endpoint security controls such as firewalls, anti-virus and malware protection to help prevent any cyber-attacks.
A cloud-based security tool like Secure Device Manager allows you to centrally manage the security rules of all your smartphones, tablets and laptops remotely. With this tool you have the ability to ensure your team have the latest security software and protocols on their devices, as well as the ability to remotely find, wipe or disable devices if they are compromised.
We can help you with how to respond to scams.
If you’re concerned about your security, please contact your Account Manager.