Staying Secure Whilst Working From Home
1st April 2020
Given the increase in working from home, we are unfortunately seeing a significant increase in cyber crime across UK companies. Here, Alex Mathers, our Partner Inflexion’s Digital Lead, shares a few top tips in staying secure whilst working from home.
1) Be extra vigilant to 'phishing' attempts
Cyber security organisations have observed an increase in attacks recently, both Coronavirus-themed (eg treatments / cures, tax refunds, advice on safety measures, donations to charities etc) and attempting to take advantage of distributed and potentially distracted workers
• Know what to look for - eg. poor grammar, impersonal addressing, sense of urgency - if in doubt, verify via contact details you have separately to the email - see https://www.ncsc.gov.uk/guidance/suspicious-email-actions
• Whilst the majority of attacks are via email, text messages and voicemails aren't unheard of - so be on guard for these too
• Pay particular attention to multi-factor authentication requests (typically on your phone) - if you're prompted to approve a login, ensure if it was you that made the request
• Stick to policies & processes - remember that impersonating executives / board members in emails to team members is a standard form of attack, so it’s important to always follow process, no matter who the email appears to come from
• Ensure you report any issues or suspicions – don’t assume someone else has, especially if you’ve clicked on a suspicious link
2) Ensure you're (personally) protected against hacking attacks
• Ensure you're (personally) protected against hacking attacks
• Don't ignore software updates- these 'patches' are vital in keeping your devices secure
• Try and avoid connecting to insecure WiFi networks - as there's a risk people in the vicinity may be able to snoop on your traffic - though this is mitigated by…
• …using the VPN- this encrypts all of your internet traffic from your machine, keeping it away from prying eyes
• Secure your home WiFi- with both a strong password to connect, and also it's a good idea to change the default admin / settings password (please, no '12345' passwords)
• If at all possible, don't let other family members use your work devices - as you don't know what they'll install / click on… If in doubt lock your computer when you're not using it, just like in the office
3) Be aware of your physical environment (still)
• Now we're all using Teams / Zoom / Webex video conferencing much more, be mindful of what might be seen in the video (ie is there any risk that documents can be seen on camera?) - and also it's worth being extra-vigilant that there aren't any unwanted listeners / viewers on calls before getting started
• Also, everyone has different working from home situations - consider what documents / technology you leave out when not working and who could have access to them
For COVID-19 related guidance, visit our dedicated Coronavirus Support For Businesses webpage.
Inflexion is a mid-market private equity firm, investing in high growth, entrepreneurial businesses with ambitious management teams and working in partnership with them to accelerate growth. Inflexion is working closely with its broad portfolio of companies during this current crisis to help them navigate the significant challenges that all businesses are facing. If you are in need of external funding or support, please feel free to contact the IFB for an introduction to Inflexion.