With so many people working from home currently, now is the time to remind your employees of these top cyber security tips:
• Do not share passwords
When employees bring work devices home, those devices should not be shared with or used by anyone else in the home. This reduces the risk of unauthorised or inadvertent access to protected company information.
• Only use work equipment for work related activity and keep all work on work devices
Malware can be distributed via social media sites. Some networks have been compromised by employees looking at social media sites on their work devices, resulting in data breaches and worse. Equally, all work should be confined to work devices, which are protected by the necessary levels of IT security. Personal email providers, such as Hotmail, Gmail etc. are easily compromised, so data should not be sent to these personal inboxes.
• Make sure you implement system and mobile device updates
Updates on your company network will probably be pushed out centrally so it is important that employees shut down their computer each night to allow updates to happen. Remind employees to check their phone for notifications of updates and to make sure these are installed. Ensuring you have the latest software downloaded on your mobile device doesn't just provide you with all the latest features – it ensures the best protection for your personal data and the highest security when connecting to your company’s network.
• Never click on links or open attachments if from an unknown source
Beware of phishing attacks and other forms of social engineering involving remote devices and remote access to company information systems. There are an increasing number of Coronavirus-based phishing emails circulating preying on the health concerns of the public. Criminals are presenting as medical experts or officials from healthcare organisations and pushing out messages that suggest they offer advice or critical information about COVID-19. By clicking on links in emails or online articles, people may inadvertently infect their device or network with malware, facilitating data theft, stealing of funds or worse.
With so many people working from home currently, now is the time to remind your employees of these top cyber security tips:
• Do not share passwords
When employees bring work devices home, those devices should not be shared with or used by anyone else in the home. This reduces the risk of unauthorised or inadvertent access to protected company information.
• Only use work equipment for work related activity and keep all work on work devices
Malware can be distributed via social media sites. Some networks have been compromised by employees looking at social media sites on their work devices, resulting in data breaches and worse. Equally, all work should be confined to work devices, which are protected by the necessary levels of IT security. Personal email providers, such as Hotmail, Gmail etc. are easily compromised, so data should not be sent to these personal inboxes.
• Make sure you implement system and mobile device updates
Updates on your company network will probably be pushed out centrally so it is important that employees shut down their computer each night to allow updates to happen. Remind employees to check their phone for notifications of updates and to make sure these are installed. Ensuring you have the latest software downloaded on your mobile device doesn't just provide you with all the latest features – it ensures the best protection for your personal data and the highest security when connecting to your company’s network.
• Never click on links or open attachments if from an unknown source
Beware of phishing attacks and other forms of social engineering involving remote devices and remote access to company information systems. There are an increasing number of Coronavirus-based phishing emails circulating preying on the health concerns of the public. Criminals are presenting as medical experts or officials from healthcare organisations and pushing out messages that suggest they offer advice or critical information about COVID-19. By clicking on links in emails or online articles, people may inadvertently infect their device or network with malware, facilitating data theft, stealing of funds or worse.
• Be conscious of personal data
Know which information requires safeguarding and treat it accordingly. This often includes information such as confidential business information, protected property, customer information, employee data and other personal information. On video / conference calls be careful of what you share on screen with others. Suggest that employees should practice how the functionality works in advance of a meeting to ensure they do not share any information they shouldn’t.
• Talk to your IT help desk but make sure it’s really them
Encourage contact with your IT help desk for support, but beware, criminals have started to masquerade as IT help desk support to trick employees into giving up login credentials, by requesting permission for remote access and other tactics. Encourage employees to verify the legitimacy of any call purporting to be from your company’s IT help desk, by calling back the service using the contact information found on your company intranet.
• Remember general cyber hygiene
Despite working from home, it is not a time to neglect general cyber hygiene, such as encrypting data or emails with sensitive data and being vigilant when using predictive text on emails to ensure they are being sent to the correct recipient. It’s easy to just keep working once you get into the flow but when tired, we all make mistakes that could compromise company data.
• Be conscious of personal data
Know which information requires safeguarding and treat it accordingly. This often includes information such as confidential business information, protected property, customer information, employee data and other personal information. On video / conference calls be careful of what you share on screen with others. Suggest that employees should practice how the functionality works in advance of a meeting to ensure they do not share any information they shouldn’t.
• Talk to your IT help desk but make sure it’s really them
Encourage contact with your IT help desk for support, but beware, criminals have started to masquerade as IT help desk support to trick employees into giving up login credentials, by requesting permission for remote access and other tactics. Encourage employees to verify the legitimacy of any call purporting to be from your company’s IT help desk, by calling back the service using the contact information found on your company intranet.
• Remember general cyber hygiene
Despite working from home, it is not a time to neglect general cyber hygiene, such as encrypting data or emails with sensitive data and being vigilant when using predictive text on emails to ensure they are being sent to the correct recipient. It’s easy to just keep working once you get into the flow but when tired, we all make mistakes that could compromise company data.
Sign-up to be notified about future articles from the Resilience Series, and other thoughts, reports or insights from QBE.