#WFH: 5 Tips for Stronger Home Working Security

23 March 2020 by Charlotte Nuttall

Due to the ongoing Covid-19 pandemic, the past few weeks has seen businesses across the globe quickly adopt a home working approach, which has caused a new wave of security threats to emerge.

A working from home (WFH) strategy presents plenty of new opportunities for teams to modernise and re-think how they connect, collaborate and deliver services. However, such a large number of organisations transitioning to home working over a short period of time has also unfortunately allowed cybercriminals to seize new opportunities.

To help you make your WFH strategy as secure as possible, we’ve put together our five top tips for stronger home working cybersecurity.

1.      Connect securely to your network

So many of us are accessing our workplace files from outside the office right now – but are you and your team covering the basics when it comes to connecting securely? Ensure that you:

• Set up home working devices safely: Misconfigurations can lead to security flaws which are exploited by threat actors. And employees who have never used a VPN (or your connection of choice) need ample instruction and support to minimise risks to your corporate network.
• Verify users: As people aren’t currently communicating or working face to face, there is a growing need for authentication and verification. Use two-factor authentication (2FA) or multi-factor authentication (MFA) to verify users and devices connecting to your network.
• Control data privileges: With your whole team accessing business data remotely, keeping track of who has access to what is essential for minimising data security threats. Desktop as a service solutions make this particularly easy to manage, as all your business data and user access are controlled from a central point.
• Connect to private Wi-Fi networks only: Notify your workforce of best practice Wi-Fi security. Ensure everybody has updated default Wi-Fi passwords with a stronger alternative and only connects to a secured, private Wi-Fi network when working from home.
• Implement a lost/stolen device policy: Where possible, avoid the storage of critical business data on home working devices to avoid potential data breaches if they are stolen or lost.

2.      Strengthen awareness of cyber-threats

When teams work from home, this naturally increases the number of endpoints for your business network. This isn’t an issue if adequate security policies and procedures are in place. However, as we mentioned before, cybercriminals are taking advantage of people and businesses not equipped to deal with remote security threats. Three common threats to think about are:

• Phishing: This week, the British police stated that coronavirus-related phishing reports increased by 400% over the last six weeks. Phishing emails are targeting people with clickbait subject lines containing ‘coronavirus’ or ‘COVID-19’. As a result, malware attacks have also risen.
• Doxware: These attacks have returned to the mainstream with a vengeance. This strain of ransomware involves business data being stolen and held to ransom; cybercriminals then threaten to sell your data and notify customers that you have been hacked and their data compromised. Experts say that doxware has never been deployed to the degree we are seeing during the pandemic.
• DDoS attacks: Several high-profile DDoS attacks have been reported over the course of the last week as threat actors target organisations’ networks with high volumes of traffic designed to knock them offline. For those whose online presence is absolutely essential for business right now, we’d highly recommend investing in DDoS protection.

3.      Ensure software and antivirus are up to date

This comes back to the basics. If you’re not using a DaaS solution, where all your software and applications are managed for you, you must ensure software and antivirus are kept up to date. If not, opportunistic cybercriminals may identify and exploit vulnerabilities in your network, hacking your business systems and causing a data breach. With such a high volume of cybercrime currently present, it’s not worth taking any chances.

4.      Back up your data

Should anything happen to home working devices or office hardware, or your business data is targeted by a cyber-attack, the ability to retrieve as much of that information as possible is essential. Ensure all your business-critical data is backed up to a location totally separate to your corporate network. For ease, first centralise the storage of all business-critical data from which secure off-site backups can be regularly generated.

5.      Be mindful of compliance

With often large financial and reputational repercussions involved with non-compliance, this tip is crucial. For some, complying with industry standards may depend on employees being within your secured office premises and not account for a remote working scenario. Double-check exactly what is required of your business to maintain compliance standards and how you can adapt your WFH strategy to accommodate these requirements.

Secure remote working, managed

The ability for your business to adopt a WFH approach is essential in the current climate, whether it’s to cater to the expectations of modern workforces, ensure business continuity in adverse weather, or even to manage under the strain of a global pandemic.

Our desktop as a service solution FastDesk allows your business to implement a secure WFH strategy with no IT hassle.

• Ensure secure access to workplace desktops and apps
• Maintain compliance standards
• Fulfil security needs with bespoke solutions
• Enable your team fast, secure device setups