Advice to help Avoid Cyber Threats While Staff Works From Home

Published: 

Jump to...

 

Part 2: Steps To Be Taken By Your Team

If you haven’t yet read our previous piece in this blog series, which explains what steps your organisation needs to take in order to check cybersecurity risks, we recommend that you go through it first to understand this topic better – here. In this article, we cover some of the most important steps your team needs to discuss and create an action plan.


#1. Secure Remote Access to Company Data

If your teams are currently using personal devices for work (BYOD policy), and this is not the norm, then cybersecurity risks are much higher than usual as these machines are not governed and potentially not managed. This means that these machines may not have up to date Anti-Virus, Windows patching in place and have unauthorised/managed applications installed. meaning they can be compromised using known security holes. There are many solutions/strategies that can be put into place by the right Technology Partner, that also matches your business productivity needs while securing your data (crown jewels)


#2. Provide a Secure Connection to All systems/Applications while Remote

If/when a remote machine is compromised, hackers will review the data and access this machine has to the rest of the network or remote network, and “oh yes you help them by having shortcuts and favourites to help them navigate easily”. The next step is usually stealing sensitive business data and then encrypting this data. Therefore, it now more important than ever to make sure your entire remote team are provided:

  • Access to data/systems that are required to fulfil there role only.
  • Utilise a secure method to connect to data/systems that is being proactively monitored and kept up to date (to remove known security wholes that are published around the world)
  • All-access should be secured by Two Factor Authentication (2FA) to remove the risk of capturing your known password or using the saved password on the compromised machine.
  • All remotely accessed systems should be proactively monitored 24/7/365 for unusual activity and responded to with full visibility available to you.
#3. Implement Email Filtering and Security Strategies

With large publicity and your team being anxious over common topics at present like Covid this is a daily rapid increasing topic for hackers to utilise. This means email is a common platform to trick your team with unexpected emails asking for a call to action (phishing). These are designed to capture the audience and push for a call to action like capturing your password, request a payment or redirection to a compromised website.


#4. Data Encryption Control

The last thing you want is one of your organisation’s insiders to become the weak link when their workstation gets lost or stolen from them, and it contains your data (crown jewels).

This is much harder to resolve/reduce the risk once you are in this situation, plan now to put measures in place that you can trigger and rest assured the risk is removed quickly, by:

  • Encryption of all portable/home situated workstation disks, if Windows 10 you could utilise Bitlocker as an option
  • Apply solutions that mean no business data is located on these machines but is accessed via the cloud
#5.  Authorised Application for Communication and Data

Ensure your team know what applications are authorised and the process to get an application authorised. Before you know it your business data could be located within an application that is located in the cloud and this may compromise your security or worse break your agreements with your clients regarding the location of their data/personnel data.


Final Thoughts


This isn’t a definitive list of actions your IT team needs to take for improving the cybersecurity strength of your organisation. However, it’s certainly a good place to start.

 

Ready to switch to an IT Service Provider who puts your business needs first?

FOCUS TECH INSIDER
Related Insights

What our clients say

Sign up today to be the first to receive the latest tech news from FTS

Phillip Duffy

Technical Apprentice

I bring a unique blend of humour and a strong willingness to dive into tasks with enthusiasm. My personality shines through in everything I do, adding a vibrant dynamic to the team.

Outside of work, I have a passion for painting miniatures, playing board games, and indulging in video games. These activities not only fuel my creativity but also keep me engaged and refreshed.

Pursuing a career in IT has always been a dream of mine. I am excited about the prospect of working closely with IT and learning from this dynamic field.

Before joining the team, I honed my skills in the retail sector. This experience equipped me with valuable insights into customer service and teamwork.

One quirky aspect about me is my double-jointed thumbs, which always seem to intrigue people!

The opportunity to work with an incredible team and immerse myself in the IT world is what I love most about my role. The camaraderie and the chance to work in IT make every day enjoyable.

Superpower? 🦸‍♂️

Comedian

Sweet or Salty? 🍬🥨

Sweet