Wednesday, 04 November 2020
Lockdown means old boundaries between personal and professional devices are blurring – businesses should take action to shore up cyber security.
Businesses know the damage a cyber breach can do. From identifying threats to putting protections in place, safeguarding against online threats is a top priority – now more than ever.
By ushering in a new era of remote working, coronavirus is stretching our cyber-security processes to their limit. In particular personal devices, while a crucial tool allowing many to work from home, also represent a new frontier in the fight against hackers, phishers and other agents of online theft and fraud.
Panic not: with a few simple steps, businesses can ensure remote working on personal devices stays secure as well as flexible.
Ideally, personal devices should remain just that: personal. But is this even possible anymore?
Yes, says Annabel Kaye, director of small business support firm KoffeeKlatch – with a bit of initial setup. “Wherever broadband speeds permit, use remote viewing of your own servers to limit the amount of information downloaded locally to personal devices,” she says. By cutting down the amount of business-critical information being traded across potentially unsecured networks, the potential for fraud is cut off at the source.
But it’s important to back this up with procedural diligence. “People can’t store confidential personal data on their personal devices – doubly so any that are shared,” Kaye emphasises. It’s crucial that businesses keep track of sensitive information and when it’s being downloaded, so it can be deleted afterwards where necessary.
They might not be just down the corridor anymore, but IT departments should still be the first port of call for businesses relying on personal devices to facilitate remote working.
Many firms can use this as an opportunity to bed down more secure cyber practices for the long run. “It’s essential that businesses remind staff of the IT security policy,” says business adviser Sherry Bevan. “For example, if working on a personal device, are they keeping up with the latest software updates, including security patches?”
“Your biggest risk is actually your home wifi, with kids logging in and out of gaming sites and possibly picking up viruses as they go”Annabel Kaye, director, KoffeeKlatch
Go to your resident experts and get their input on cyber-security best practice – it’ll be more effective than cobbling together lots of new rules and regulations. “If your business has an IT department, make sure you are working in accordance with their homeworking and security guidance,” says Kaye. “They can often set you up remotely with lots of things to help secure your devices.”
Bevan asks: “If you’re working from home, how strong is the password on your wifi router?” This is a good question because in the time it takes you to stroll to the kitchen and make your third coffee of the morning, a seasoned hacker could easily obtain access to a poorly secured internet connection – and with it highly sensitive company information.
According to Kaye, “your biggest risk is actually your home wifi, with kids logging in and out of gaming sites and possibly picking up viruses as they go”.
Your personal device won’t stay secure for long if it’s connected to a compromised router. Changing your password to something harder to guess is internet security 101. Using a VPN (virtual private network) while remote working will take your online security to the next level, guarding against even the most questionable browsing habits of your offspring.
Linked to the above, having separate wifi channels and computer accounts for you and those in your household offers another layer of protection.
A personal device with a single account can compromise a business in two ways: exposing private information, and inadvertently increasing the risk of picking up a virus online.
Kaye recommends multiuser accounts across all personal devices, so that workers and others in their household “do not have access to the same space and ensure work is done on one user login only, saving information in spaces only that user can access”.
This can be extended to wifi connections to maximise personal device security: “Most modern wifi hubs offer multiple login setups,” says Kaye. This means children, flatmates and other members of the household can be isolated from work-only connections and can, in addition, be “confined to accessing devices you don’t need for work”.
There is a plethora of effective, free antivirus packages available on the web – think Kaspersky, Bitdefender and Avira – and there’s never been a better time to download.
“Scammers and phishers are working overtime at the moment,” says Kaye. As well as office-supplied mobiles and computers, she says, “make sure your kids’ devices have automatic antivirus and malware checkers on them”.
Even with workflows as disrupted as they are, organisation is critical to drive home the benefits of this software to workers. A 2019 GlobalData report found that unchecked, unregulated user access to sensitive data was one of the “biggest challenges” for companies attempting to establish effective cyber-security protocols, and that “active support from top management” is needed to ingrain it as a priority. Security of personal devices is now a matter of professional importance – managers must lead the charge.