23 Feb, 2021
Since the first lockdown, cyber security has been on the rise but why? Quite simply because remote working employees are easy targets and businesses are finding it difficult to manage everyone. So, what can organisations do to protect their cyber security?
1. Supply your employees with work laptops
Resources could be a topic here but think about it, you have no control over how that device is used or even who has access to it. With potentially a whole family using one laptop for various purposes, there is a risk that one wrong click could compromise not just their device but their co-workers’ and even the company server.
2. Set up a Virtual Private Network (VPN)
VPNs offer an additional layer of security that hides the IP address of users, encrypts data transfers, and masks the user’s location. Most large organisations will already have a VPN service in place but if you don’t, speak to your IT provider to find out more.
3. Set up cloud storage
Cloud storage solutions allows users to access data away from the office on any device and will prevent them from using their own personal storage or messaging services, therefore reducing risks.
4. Enforce strong password requirements
Passwords can be easily guessed, especially if they are a commonly used password or re-used across multiple accounts.
Enforce strong passwords requirements and ensure these are updated on a regular basis. A mix of three random but memorable words is a great way to reduce the risk of your password being guessed. To add an additional level of security, consider implementing an MFA too (see below).
5. Use Multi-factor authentication (MFA)
MFA can also be called two-step verification or 2-factor authentication.
Multi-factor authentication adds an additional level of security whenever there is a need to authenticate a user for example, when logging on to a new device or performing a ‘high risk’ action that may involve actions such as changing a password or transferring money.
6. Implement access control
Assigning permission levels to employees based on their role within your organisation can reduce the risk of data breaches should their account be misused or compromised.
7. Assess your third parties
Could your weakest link be the person who manages your social media accounts, sends your mailers or manages your IT issues? Are they also working from home? What data do they have access to? Conduct an assessment on these parties and how they implement security controls surrounding the protection of this information.
Consider using providers who invest in good security hygiene through the implementation of ISO 27001, Cyber Essentials or other similar certifications.
8. Train your team and maintain awareness
Phishing emails are one of the most common types of cyber-attacks and cyber criminals have been making the most of the coronavirus pandemic to exploit the public. Yet, with a little training, these and other scams could be easily prevented.
Your training should also cover cyber security for the home so, making sure they’re aware of the importance of installing the latest software, firmware and application updates on their devices.
9. Ask your team to secure their Wi-Fi router
How many devices in your home are connected to your Wi-Fi router? Think your laptop, mobile phone, smart-TV, tablet, kindle, Amazon Echo, Bosch security camera, Nest thermostat… the list goes on. Whilst these devices are great, they make us vulnerable to cyber-attacks and they are all connected to your Wi-Fi router. Find out more here.
10. Implement an ISO 27001 Information Security Management System
ISO 27001 helps keep your systems and data safe from all manner of threats, including remote working and provides evidence to your stakeholders that you take data security seriously. Find out more about the standard here or sign up to our FREE ‘Introduction to ISO 27001’ online module to learn more.
The National Cyber Security Centre (NCSC) and UK Government have a wealth of guidance available to both individuals and businesses. Find out more here.
ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.
Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email firstname.lastname@example.org.
Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.