Is Home Working Exposing Your Corporate Network?
The pandemic of 2020 saw a rise in homeworking and many businesses have realised that this is a viable option for work going forwards. However, did you know that ransomware is one of the fastest growing crimes on the planet? So, ask yourself, is home working exposing your corporate network?
Below you’ll find some important tips on how you can make sure that your corporate network and all of your data stays safe.
What are the threats to your corporate network?
If your corporate network is exposed, and there are not enough IT safety measures in place. You can be exposing your business to unnecessary risk.
Ransomware, a type of malware, or malicious software gives cyber criminals the ability to hold your business to ransom. With this method, these individuals will be able to gain access to the data in your corporate network. Then they demand a ransom for their release, with the threat of permanent deletion if you fail to pay. We advise you to never pay the ransom, as you are not guaranteed to get your data back and you will be targeted again. Instead, ensure you have a good well tested backup. Thankfully, given the right protection across your network, you can put preventative measures in place to stop this and other malicious attacks.
The stats for ransomware are shocking, with one small UK business being hacked successfully every 19 seconds. Your business and corporate network could also be exposed to other malware attacks, spyware and other viruses. For instance, 55% of UK email is spam. If a well-intentioned employee clicks on an innocent looking email, it could be opening the gates to a cyber-attack.
It’s not all doom and gloom, there is plenty you can do to protect your corporate network against cybercrime. As they say, prevention is better than the cure. So, it’s important to develop a long-term strategy to protect against threats.
How can you stop exposure to your corporate network?
There are a few ways that you can help to protect your corporate network against attacks whilst your employees are working from home.
1. Train your staff
Unfortunately, and unintentionally, your team can cause a security breach. All it takes is a click on the wrong link or replying to a well-crafted phishing email. Human error can occur, especially when distracted or tired. Home working conditions are different to those in an office. That’s why it is vital to have your staff aware and educated on cybercrime.
By training your staff about cybercrime, you can ensure that whilst they are working at home, they know exactly what to look out for to keep your corporate network safe. Make sure your staff are vigilant with suspicious links and emails. Think about giving regular cyber security training. Here at SupPortal, we offer online training, which consists of a series of short sketch animations. These are only around one minute long, and you’ll find a quiz to check what you’ve learned. We believe this format generates particularly high user engagement. As a business owner, you will also be able to see if your users have watched the training.
We also cover more in-depth training, which can be delivered online or on site. Particularly useful for management teams is a desktop stimulation of a cyber-attack scenario. This is to test how well the things you have put in place work. Being prepared and well-practised is key to survival in the event of a serious attack.
By training your staff, they will know to take cybercrime more seriously, which will help to keep your business’ data and files safe. A team well trained is a great first line of defence.
2. Be vigilant with emails
Think before you click! Spam email is an extremely common access point for cyber criminals. Delete the suspicious emails, don’t enable macros and alert your IT support partner.
It is also important to be aware of the vulnerabilities in your supply chain. It is good security practise to ensure that your supply chain meets the same standard of security you adhere to yourself. Good IT governance standards like IASME Governance require you to make sure your supply chain does as much as you do to protect your business and its data. Cyber criminals are able to gain access to your corporate network, and business data by sending out a genuine looking software update or email masquerading as someone you know.
However, instead of updating, it is a fast destructive virus that could wipe out the operation of your business. That is why it is vital to source suppliers wisely and ensure your IT security is safe.
3. Back up your data
There are numerous benefits to using cloud computing, however you do still need to make sure security is in place. You can’t be complacent in thinking just because it is in the cloud that it is safe. You should still make backups.
Keep copies of your files, so that if an attack does occur, you will have a copy of the data and files. By backing up and checking your data, you will be able to access versions from before the attack, minimising the potential impact as well as reducing the chance of reinfection. You should also test that you can restore data from the backup. Backups should be encrypted and if you are using a local drive, this should be removed after each backup. Even though you may have a copy, you still need to do everything to protect your files, as you don’t want it falling into wrong hands.
Organisations should ensure that periodically that all staff update the devices they are working on and install software and system updates. They should also have sufficient anti-virus software up to date and in place. Poor patching of computer equipment is the most common way to fall victim to an attack and Cyber Essentials require updates to be carried out within 14 days of release.
4. Safe and Secure Passwords
One of the most common mistakes that companies and individuals make, is setting easy and poor passwords. Due to this, many sites and programs are developing new, multi-layered methods to protect their users and this is why multi-factor authentication is now more commonplace. It would be wise to set this up with your company, to protect your network.
Using password managers can also help, as they can generate complex passwords for you that you don’t even need to remember. However, we recommend you steer clear of free software and use a paid one, such as 1Password. Having good technical policies in place will also help, so ensure users have at least eight characters and include upper, lower, numbers and special characters within passwords.
Don’t share passwords with other users, or applications. Instead, see if you can use an API key to provide access instead. This enables different pieces of software to talk to each other without exposing the passwords for each to other users. These need to have strict cyber security measures in place too, so you may need professional support to double check the stringent data encryption and authentication software.
5. Review your IT infrastructure and VPN (Virtual Private Network)
A VPN (Virtual Private Network) allows your employees to log into your corporate network from home. They are incredibly useful, but only if they are fully secured end-to-end and send all user traffic through the corporate firewall. If the user can be connected to the office but browse the internet through their own firewall, then your business is actually MORE at risk. An IT support partner will be able to advice if you have the right one in place for the needs of your business. They will also be able to advise on whether the devices and software that your employees use is suitable for their roles and have the right security systems in place.
6. Seek help from an IT Support Partner for your Corporate Network
Gain peace of mind by having an IT security expert involved, who can assist with a range of solutions including security audits and training. This way, you will know that you have the right security and knowledge to keep your corporate network safe and secure. It also means that if there is an emergency, you have a trusted resource to turn to.
Your IT security partner can keep your software and systems up to date, provide invaluable training for your team as well as ensure all of your remote networks and software is running smoothly.
Remote working, without the risks
Get in touch today if you would like to know more about how we can ensure the safety and security of your corporate network, whilst your team are busy working from home.