Insecure Remote Working
Due to recent developments regarding the Coronavirus, employees are increasingly working remotely. Organisations in this situation should consider the cyber security implications of increased remote working.
Below are some considerations on staying secure whilst working remotely.
Advice
Phishing
Phishing, spear phishing and Business Email Compromise remain a huge threat to organisations. Ensure that staff remain vigilant and educated when it comes to spotting suspicious emails. Remember, if you’re in doubt over whether any correspondence is genuine, pick up the phone and call that person to check (don’t use the number provided in the suspicious email though).
For staff in smaller organisations, further advice can be found via the National Cyber Security Centre’s Small Business Guide entry:
https://www.ncsc.gov.uk/collection/small-business-guide/avoiding-phishing-attacks
For larger organisations see the NCSC guide:
https://www.ncsc.gov.uk/guidance/phishing
Strong passwords and ‘2FA’
All of your accounts and devices should have strong, unique passwords set. Two-factor authentication (2FA) is a second piece of evidence you provide to prove it’s definitely you logging in (this is usually a generated code sent to your device). A strong, unique password and 2FA make it much more difficult to compromise your account. If you use Office 365, then it’s incredibly important that the above steps are taken. Further advice on strong passwords/2FA can be found on the NCSC’s site at https://www.ncsc.gov.uk/collection/small-business-guide/using-passwords-protect-your-data
Home routers
Make sure that you have changed the default admin password on your router to one that is strong and unique (see above advice). This will help prevent attackers from hacking your home network and intercepting sensitive communications.
VPNs
If available to your company, using a Virtual Private Network (VPN) is one way of communicating more securely over the public-facing internet. Make sure that all staff are aware of why and how they should make use of one.
If you’re looking to use a VPN, do your research and choose a reputable provider from an official source.
Tethering
If you aren’t confident about using a Wi-Fi point, you can instead tether your device to one which has a 3G/4G connection (e.g. laptop tethers to phone). This is typically more secure than using an untrusted Wi-Fi hotspot.
Watch out for fake login pages/URL spoofing
When working remotely, you may have access to certain services through your browser. When logging in, check the URL in the address bar to ensure that you’re on the correct page and that everything operates as it should. For added peace of mind, you can bookmark important sites and only visit those sites via that bookmark.
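What checking the URL amounts to in practice is comparing the host, not looking for a familiar name somewhere in the string. The following is an added example, not part of the original advice; the `example.com` hosts, the `BOOKMARKED_HOSTS` list and the `check_login_url` function are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist standing in for the hosts of a user's bookmarked
# work sites (assumption: example.com names are placeholders).
BOOKMARKED_HOSTS = frozenset({"portal.example.com", "mail.example.com"})


def check_login_url(url, trusted_hosts=BOOKMARKED_HOSTS):
    """Return (ok, reason) for a URL copied from the address bar or a link."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not https"
    if not host:
        return False, "no host"
    # Text before '@' is userinfo, not the site: the real host comes after it.
    if "@" in parts.netloc:
        return False, "userinfo before host"
    # Non-ASCII or punycode labels can render like a trusted name.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalised host"
    # Exact match only: substring or suffix checks accept lookalike hosts.
    if host not in trusted_hosts:
        return False, "host not bookmarked"
    return True, "host matches bookmark"


# Constructed sample URLs, not taken from any real campaign.
SAMPLES = [
    "https://portal.example.com/login",
    "http://portal.example.com/login",
    "https://portal.example.com@login.example.net/",
    "https://portal.example.com.login.example.net/",
    "https://p\u043ertal.example.com/login",  # Cyrillic 'o' in the host
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_login_url(sample), ascii(sample))
```

Only the first sample passes; each of the others contains the trusted name somewhere in the string but resolves to a different host or an unencrypted connection.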
Use approved file sharing services
Only use the software that your company would typically use to communicate and share files. Refrain from using your personal email or 3rd party workaround services unless you have checked that it’s fine to do so. If you’re asked by your company to download additional software, make sure that you’re downloading from the official source.
Updates
Ensure that all operating systems and software (not just security-specific software) receive updates. Updates contain vital security patches which will protect you against cyber-attacks.
Physical security
Removing work equipment from the work environment results in risk, including theft/loss/damage of devices and documents. Ensure that everyone is reminded of the need to keep devices secure and protected, and how to do so. This may include keeping devices locked away when not in use, use of privacy screens, checking that devices are password protected/encrypted, and generally being aware of your surroundings.
Communication is important
Security should be integrated not just with technical solutions but in all aspects of the business – this includes relevant communications. Any internal releases on changes to work procedures, e.g. bulletins or company blogs, should emphasise the importance of security responsibilities. If it is relevant, this is a good approach to take with external communications to partner companies, supply chains, and customers.
Reporting
If you have been a victim of a cyber-crime, please report it to Action Fraud, which is the UK’s national cyber-crime reporting portal. You can report through phone (0300 123 2040) or on their website at https://www.actionfraud.police.uk
Reporting helps build intelligence for law enforcement, which can aid investigations as well as informational campaigns to prevent others from becoming victims.
Action Fraud operate a 24/7 live cyber reporting line for organisations! Further details at: https://www.actionfraud.police.uk/campaign/24-7-live-cyber-reporting-for-businesses
Information provided courtesy of SW RCCU and NCSC.