How to stay safe while working from home

THE Covid-19 pandemic has made logging on to Zoom and Microsoft Teams part of a new daily working routine for millions of Brits. The use of the video-calling tools has exploded in the past fortnight with people following Government advice to stay at home. But there are increasing fears at how this key tool for home-workers is bringing new dangers. 

From cyber-attacks to data-sharing to breaching GDPR...the hidden perils behind the camera staring back at you are slowly coming into focus.

With that in mind one of the country’s leading law firms has issued fresh advice on how people can safely use the tools.

Harper James Solicitors say there are ten simple rules firms and workers should follow. 

A spokesman said: “Businesses across the country have reacted swiftly to alter their working practices. But as this pandemic develops and the length of time we face working remotely increases, the dangers only increase. 

“We have already seen reports of companies being targeted by cyber-hackers. It is vital firms now boost their defences to ensure that they are working in the safest way.”

Here is a guide on how to best stay safe:

Has the service offered by your IT provider been reduced? 

It is worth checking this before you do anything else. Will you be able to communicate with your IT team in the same way you did ahead of the crisis. If not can you create a new system to ensure remote workers have the best services on hand.

OK, before we start, do you even have a working from home-policy?

Many firms will not. The pandemic blindsided many of us. But its sensible to now issue one. Advise employes on best practice of using computers and other equipment at home. For security purposes use of personal laptops should be kept to a minimum and avoid storing files locally.

Do you know what you actually need to protect from prying eyes?

No? Now is the time to put a plan together with your IT services’ provider. Make sure they cover off all systems and any devices you are using remotely. This includes any BOYD devices. Also, make sure any personal devices being used have the same level of security services. 

Have you activated all anti-virus and firewall products and firewall  products? 

It sounds simple but this should be a priority as it will instantly boost your defences over the coming week. If budget is an issue research the many free and reliable  anti-virus and malware tools that will give you the level of protection you need. Sending out a 

Is all business-critical data being sufficiently backed up?

For smaller firms this may be as simple as backing up your data to a large external hard drive, but for those businesses who require masses of data to operate, it’s a good idea to leverage the protection that cloud storage can provide. Cloud storage security such as advanced firewalls, activity logging, encryption and intrusion detection will stand you in good stead when it comes to storing data, wherever you and your employees are working. 

Do you need to use a VPN to protect sensitive data?

If your business frequently handles particularly sensitive data, it may be wise for your staff to access this data via a VPN. This will add an additional layer of security for your business, scrambling login details, email communications, downloads and portals or sites you access so that hackers are less able to intercept this kind of information. For those with concerns about the security of their workforce’s data as they work from home, investing in a VPN package may help give you peace of mind while practically strengthening your security measures.

How secure is each of your employees wi-fi networks?

Remember that if your employees are accessing sensitive data while working remotely, the wi-fi networks they’re using may not have the same levels of protection, such as firewalls, as those installed in the workplace. If they’re working from home then it’s likely that they’re home wi-fi network is secured but if, while under self-isolation, an employee is using an open network, this could leave you vulnerable to a data breach or a malicious party intercepting sensitive data. Regular communication with your employees as to their whereabouts and their remote-working setup should tell you whether they will be vulnerable or not.

Have you advised your employees on opportunistic phishing emails?

Stay alert to continuous updates on potential cybersecurity vulnerabilities that your business could face as your teams work remotely over the coming weeks. You can get advice on phishing attacks in relation to the spread of coronavirus on the National Cyber Security Centre website – this may go some way to preventing your employees from falling into these traps and jeopardising the efforts your teams are currently showing to continue as efficiently and as routinely as possible.

Do you have measures in place to deal with a cyber-attack, should one occur?

Your incident response plans may have been created without the current circumstances in mind. And while working outside of the everyday norm, it’s worth making sure that other response methods are put in place should an incident occur. For example, where you would normally have technicians physically intervene to reimage devices, you may instead want to test-run remote tools so that the relevant technicians can responds just as quickly as they would if they were on site.

What next? 

For further legal information and resources in relation to the COVID-19 pandemic, visit the support hub for businesses.