As remote working has become the normal, it is important to keep diligent and safe. Not just from the COVID-19 virus, but from digital viruses and other cyber threats you may be exposed too. Twitter is just one company who have announced that all their workers will be allowed to ‘work from home forever’. There is likely to be a change in how we all work, as businesses realise that they will be able to offer workers the opportunity to work from home where they are able to do so. If this does become a more frequent way of working, what can you do to make sure you keep protected from Cyber-attacks?

Phishing
Cybercriminals are taking full advantage of the situation we now find ourselves in. With increased email usage, so have the phishing attacks. Remaining vigilant and doing simple things will help to prevent hackers from gaining access to any information and keep your business network secure.

• If you receive an unusual email from a colleague, check that it has come from them. The true email address will be visible at the top. If it is not, you can click on reply to see the actual address from where it has come from. Delete immediately and then let your colleagues know and the rest of your peers to be wary of such emails.
• Often phishing emails will have a business name attached to them to fool you into thinking it is an official email, such as a Banks name or Internet Provider. Use the technique above to double-check the real sender.
• Do not open any attachments or links from senders you are not familiar with. If there is a link, by simply hovering your mouse over the link, will display what website you will be routed to. We have all at one time or another had one of those ‘Cryptocurrency’ emails. You can also check the attachment in this way too, by hovering your mouse over it. Often the attachment will direct you to a website.
• If you are ever asked for personal and private information, do not under any circumstances respond.
• If you are unsure of an email, then speak to your IT team or forward it on so they can check for you.

Passwords
This may seem like an obvious one, but you will be surprised at how even the techiest of people can be lazy when it comes to passwords.

• Use password management tools rather than local storage
• Follow the guideline of creating strong passwords. Ensure they are at least 8 characters long and include special characters, uppercase letters and numbers.
• Two-step authentication can provide extra security. It works by requiring 2 types of information from the user such as password, PIN, email or fingerprint before you can gain access. If you are running Microsoft Windows 10, you can turn this function on and Google Authenticator can also provide extra security.

WIFI Security
With your home WIFI, there are a few things you can do to make it more secure and prevent hackers from gaining access. Hackers can often direct you to another website where malware is installed for them to access your confidential information. Some easy steps for you to follow are:

* Change the name of your Network – Most Providers will provide you with a router with a predetermined username and password – they are typically printed on a label somewhere on the device. Many people stick with this default login, but the standard username and passwords are fairly well-known. The SSID (the name that is displayed when scanning for networks) is usually a provider-related name, eg SKYXXX, BTXXX, VMXXX, or the manufactures name, eg, Netgear, Belkin etc. This gives the hackers information on what type of router you have and how they can exploit it to gain access. Change the name to anything you wish without giving away information.

* Change the network Password – Just as the network name, this will usually be a string of random letters and numbers usually located on your device. Change it to ensure maximum security.

* Deactivate WPS – Wifi Protected Setup is not available on all routers. It is a mechanism used to make the connection of wireless devices easier bypassing the need for a password. It is usually activated by a button on the device labelled WPS. Some experts question its security and to be on the side of caution, just deactivate it in your router settings.

* Do not broadcast your network – It usually defaults that your network will broadcast its SSID for users to find when scanning for networks. By removing that function and keeping your network hidden will obviously make it more secure. There are issues with doing this, as not only will unwanted devices not be able to detect your network, neither will your devices. All it means is you will have to manually enter the network name for your devices to pick it up.

* Enable your router firewall – Numerous routers have programmable firewalls that can be switched on or off. Under the router settings, makes sure yours is enabled. Its not completely infallible, but it is worth adding another security layer. The firewall will filter the data checking what is safe whilst blocking unauthorised access. Lots of Internet Security tools such as Norton, Kaspersky include firewalls adding even more security.

* Ensuring the router’s firmware is up to date – As with everything from your phone, device and computer, the router will have firmware that needs to be updated. The majority will update automatically but check your router settings to check if there is an update.

* Unknown Devices – Check to see what is connected to your network and make sure there are no unknown devices. You can as well, filter MAC addresses. All devices including phones will have a MAC address, if you use an iPhone you can find it under Settings>General>About>Wifi Address. If you are using an Android under Settings>General>About>Wifi MAC Address. You can then filter MAC addresses and only accept access from approved devices. If you are unsure how to access your Routers control settings, as it may vary dependant on the manufacture, you can use a search engine to look it up.

* Never share Passwords – Keep this information private and do not divulge it with anyone outside your organisation, or household.

* Act with caution with downloading applications – Quite often these can hide malicious data, so check the source of where they are from and check they are from a reputable app store.

Providing a Secure Business environment
Businesses will ensure that they provide a secure environment, with known websites, systems, software, and tools approved. Any websites that may pose as a threat will be blocked. The security may become compromised if employees are using devices with no supervision, uploading new tools or systems, or accessing websites. To pre-empt any risks and security threats, you need to ensure that staff know what is not allowed and if there is a desire or need for a new system, tool or software to be used by them, that there is a clear process for giving approval and integration into your systems.

Communication
As with every eventuality, communication is key. With organisations varying in size, industry and sector, different security challenges that will require a much wider scope of security measures to be put in place. Homeworking increases the risk factor and IT departments are working to try and combat these. With such a drastic change in how we work in a short period of time, there is an opportunity for things to be missed. Keeping the flow of information cascading through the ranks and encouraging staff to report anything they suspect is imperative. Information is power and warnings about what they should be on the lookout for and avoid is important. As is the information from yourselves and how you are combating the potential cyber-attacks and what extra measures you are putting in, will reassure your employees.