Following Prime Minister Boris Johnson’s recommendation to work from home at the end of September, many people in the UK will have begun to do so in October, invoking
Following Prime Minister Boris Johnson’s recommendation to work from home at the end of September, many people in the UK will have begun to do so in October, invoking
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
Firstly, we need to look at how employees are equipped. We rushed to work from home back in March, which in some cases led to a patchwork of company-issued and personal devices. Now, if possible, it would be good to see all employees using company computers that have been secured and protected against threats. However, this is not always feasible – and if workers are using personal computers, it is essential that they use the latest operating system and make sure it is up to date.
The second lesson is about connecting. When we first started to work from home, the speed we had to move at led to disconnection – between employees and IT support workers, employees and employers, employees and data sources. To combat this, employers must encourage workers to reach out to IT teams if anything seems out of the ordinary, especially when it involves financial transactions. Ensure that workers are aware of where vital data is stored. Foster a culture of communication, so that team members feel comfortable reaching out about concerns – even if these are as small as a potentially sketchy email.
Next, we need to focus on keeping data secure. More data than ever is being stored and shared virtually – from school reports to HR files – and this can become vulnerable to attack if the necessary precautions are not taken. A simple way to mitigate against this is to check that employees are using computers that connect to a virtual private network, or VPN. This is a secure way of transporting private data across unknown networks, even via a home router.
The fourth and final lesson is that this moment is very different to the initial lockdown. Rather than a clean sweep of employees working from home, many may now be adopting a hybrid model where they work from different locations on different days or at different times. This can make cybersecurity even harder to manage: employees may be connecting to public Wi-Fi, leaving their laptops on trains, becoming more careless with password storage. Acknowledging and educating employees about these risks is essential to ensuring business resilience as we potentially face a second lockdown.