Is your home office cybersafe?
Recent studies show around 40% of Brits work from home, spending an average of 1.5 days at their home office desks.
And, evidence shows it’s here to stay. The ability to work from home exploded during the Covid pandemic, and since then, 84% of workers have said they plan to carry out a mix of working at home and in their place of work.
However, whilst the office environment is a less permanent option for most workers, traditional office setups are much more likely to adhere to online safety protocols. It is likely that the office IT team’s capabilities are much less effective when employees are simply not there.
So how cybersafe is the typical home office or remote work setup? And what are the risks to look out for?
Tom Holloway, head of cyber security at Redcentric comments: “The security needs of a remote workspace are different from the typical office space, which typically adhere to robust security strategies with established perimeters.
“More employees at all levels work remotely than ever, using third-party apps and mobile devices. This is where perimeter-based security systems cannot manage work environments, because they simply aren’t designed to.
“Employees have historically been the weakest link in cyber security, never more so than in a remote workspace. Cybercriminals take advantage of people’s or device’s remote location and poorly set up security protocols because they know the limitations of people and their devices.
“Physically isolated staff are more likely to be victims of phishing emails, clicking on links to malicious content. Criminals also know that employees download unauthorised apps often, write their passwords down in easy-to-find places, don’t lock their mobile devices, or forget to turn on their corporate VPN before checking work emails.”
To help Brits stay protected in a remote work environment, Tom shares his top tips on how to increase your online security whilst out of the office:
Work from a place where ‘shoulder surfing’ is difficult
“Consider how private your workspace is, and who might be able to see what’s on your screen. For example, if you’re working on public transport, coffee shop or in a co-working space ‘shoulder surfing’ becomes much easier - people can very easily see and read text on your screen, which can often contain highly private information.
“If you can’t be selective about where you work and it is in a public space, consider investing in a privacy filter for your monitor. This is a thin layer of polarised plastic, that significantly reduces the viewing angle of your screen.
“If you regularly have video calls, try to book these in private, sound-proof phone booths with nobody else around. That way people won’t be able to eavesdrop into private conversations.”
Ensure private documents are accessed over a VPN
“Using public Wi-Fi when you’re accessing sensitive, private information relating to your work can be very dangerous. Public Wi-Fi can be easily accessed by or indeed emulated by hackers who may be able to subsequently access documents, files and passwords.
“If you do need to access private documents whilst in a remote work environment, it’s important these are accessed through a VPN (virtual private network). Having a VPN provides an additional layer of security, making it more difficult for others to intercept your communications. If you’re not sure whether your company offers a VPN, speak with your IT team to see if this is something they can introduce.”
Don’t allow other people to work on your device
“Ideally, use separate devices for personal and work activities. If you use your laptop for both work and personal purposes, try to ensure that only you have access to it, and it isn’t passed around between friends and family members, and other colleagues. Once your laptop is out of your hands, you lose control over who sees the information stored on it, not just by the person using it, but also by the people around them.
“If you’re using your laptop in a co-working space, or home environment where other people can see your screen, make sure you lock the screen whenever you leave your laptop unattended - even if it’s just for a few minutes whilst you make a cup of tea.”
Ensure you have a strong authentication process to access your device and data
“Make sure you have a robust authentication process when it comes to logging in to your device and accessing any tools you use online.
“For example if your laptop has touch ID, ensure you have this set-up so only you can login using your own fingerprint.
“When it comes to your passwords and logins, it’s important to implement two-factor authentication, enforce high-quality password formats; your passwords should be 12 characters long, and they should never contain personal information such as your address, pet’s name or date of birth.”
Ask your IT team for training in how to stay safe when working remotely
“If you don’t feel confident in the security of your remote or home working environment, ask your IT team for some training or guidance around this.
“If you are self-employed, resources such as the National Cyber Security Centre provide lots of guidance on how to stay protected.”