The increase in phishing and cyber attacks since the start of the pandemic has been well documented around the world. Now, with working from home set to continue for many small businesses, it’s more important than ever that you and your business are prepared for any potential cyber attacks. So what can you do to secure your business data when you and your employees are working from home?
It’s really difficult to implement the same levels of security for remote workers as it is for in-office equipment. So – as well as installing the right software designed to prevent cyber attacks – you and your business can take some simple steps to help keep your data safe whilst working from home. Here are our top tips.
1: Encrypt home WiFi Setups
Now, this may be a strange one to pose to employees, but one of the simplest ways to keep data secure is to work on encrypted WiFi networks. Though this may sound slightly complex, trust us, it’s not!
To start with, encourage employees to change their default router password to avoid the router being hacked. As default passwords can sometimes be extremely easy to decipher, encrypting the password is an excellent way to prevent any nasty information breaches.
2: Use password managers
Though you may be using a password manager on a personal level, it’s a great idea to utilise a password manager for your business functions too (such as 1Password). Depending on your business’s specific IT requirements, the level of security applied to passwords may vary. It’s highly likely that staff will be using simple passwords that are easy to remember across their different accounts.
Whilst this is hardly surprising, it does leave your business more susceptible to cyber attacks. Therefore, the use of a password manager means that your staff can safely store passwords and generate strong combinations that are difficult to guess. Rather than sharing passwords through email, your staff will also be able to securely share passwords (if necessary) across teams.
3: Set up a VPN
Though this may not be appropriate for every business, using a VPN (or virtual private network) can allow users to send and receive data on a public server without concern. Though setting it up will take a bit of effort, it’s well worth it due to the level of security provided when compared to regular public servers.
4: Don’t open suspicious emails
This one may go without saying, but if you see an email that looks even remotely suspicious, don’t click on it! Most of the time, phishing emails are made to look as though they’ve been sent from a trusted email address. Therefore, many people click on them without fully knowing the threat they pose.
Hackers and phishers tend to strike when the world is at its most vulnerable, so many phishing emails claim to provide information about coronavirus that is based on your recent search history. Don’t click on any file or email that seems remotely out of the ordinary. If in doubt, it’s better to be safe than sorry.
5: Keep in close contact with your IT team
As people continue to work from home, IT teams have become even more valuable than they previously were. It is the IT team’s job to know how to secure servers and inform employees about how best to handle any suspicious technical information. If you don’t currently have a designated IT team, it’s well worth checking out what’s on offer through major security sites, as these all tend to align themselves with current best practices on security and cyber safety.
6: Be careful with data
As you are working from home, you’ll likely be handling the same amount of data remotely as you were used to in the office. In terms of handling this data, we recommend treating information in the same way as you would in the office. To keep data confidential, lock your computer when you leave it unattended.
Though it’s unlikely that a bandit will grab your laptop through the window, customers should be able to rely on a certain level of privacy and protection when under your staff’s care. To avoid any data breaching or misuse of data, you should also be keeping information on a designated system or drive and not on a personal hard drive.
7: Encrypt documents
Our last safety consideration that’s akin to the encryption of WiFi routers is ensuring that all devices and documents are encrypted. If you’re working from home, encrypting your hard drive is an excellent idea which prevents unauthorised access to files. If you’re sending data to others, make sure you are being GDPR compliant and password protect any documents being sent. Though this action doesn’t stop cyber attacks completely, it makes it much more difficult for hackers to gain access to your files.
Closing notes on cyber security
In addition to the information we’ve outlined above, it’s important to note that you’ll likely have to alter your working behaviour slightly as you continue to work from home. It’s always incredibly important to be careful with personal data, as the last thing you want for your business is to receive fines from the ICO due to misuse of personal information.
When you work with Warr & Co, you can rest assured that we’ll keep your accounting data secure. As well as password encryption, we use a secure portal for the transmission of data with and for our clients. Talk to us if you’d like any further information.
© 2019 Warr & Co Chartered Accountants. Warr & Co Chartered Accountants is a member of The Institute of Chartered Accountants in England & Wales (ICAEW). Whilst the information detailed here is updated regularly to ensure it remains factually correct, it does not in any way constitute specific advice and no responsibility shall be accepted for any actions taken directly as a consequence of reading it. If you would like to discuss any of the points raised and / or engage our services in providing advice specific to your personal circumstances, please feel free to contact any one of the partners on 0161 477 6789 or contact us via our website forms. Warr & Co Chartered Accountants are registered to carry our audit work in the UK, our audit registration number is C002961684, for more information please visit www.auditregister.org.uk.