020 7466 4700
Tech Check

How can you protect your business’ data from hackers while we’re working from home?

Technology has played a crucial role in allowing us to work from home during the coronavirus pandemic.

However, working remotely with confidential data is not without risk and throughout the pandemic we have seen an increase in hacking and, more worryingly, an increase in the number of companies falling victim to ransomware.

Never slow to catch on to what is going on in the world, cyber criminals were quick to adapt their efforts to steal access to information and systems.  They started to use coronavirus-themed warnings and alerts and as both the situation and remote working environment was new, people responded thinking the requests were simply part of the transition to working from home.

Having been presented with the access they wanted, hackers found it easy to either steal confidential information or plant malware particularly as the systems supporting remote working were still in their infancy and, therefore, without the security they’d normally be protected by.

As always, the cyber criminals employed a range of scams.  These included distributed denial-of-service (DDoS) attacks, using fake apps to steal data and banking information and offering reliable updates on the virus or ‘coronavirus maps’ that would – once adopted – let loose a variety of malware,

More traditionally they also flooded email addresses with messages encouraging the recipient to click on a link that again would release malicious malware.

In many cases this malware would be ‘ransomware’, a type of malicious software designed to block access to a computer system until a sum of money is paid.

However, in reality only portions of the system or underlying data would be given back once the initial ransom was paid before making more and more demands for more and more money.   Or hackers would leave themselves a ‘back door’ in to the system so they could return to encrypt the data multiple times and repeatedly ask for payment to rectify the situation.

How can you protect your business and your data against the threat of hacking, malware and ransomware?

The good news is there are several things you can do to protect your data.  Better still, with the right support taking the following steps is both straightforward and affordable:

1. Train Your Team

A lack of awareness is at the heart of all scams.  Implement quarterly data security and phishing prevention training and support sessions with regular email updates and top tips to make sure data security is always front of mind.

2. Make using a VPN mandatory

A VPN (Virtual Private Network) will help you establish a protected network connection for staff using their domestic internet connection and encrypt their internet traffic and disguise their online identity.  This will make it more difficult for third parties to track your activities online and steal data.

3. Only license the most reputable software

Buying licenses to the most highly rated software will also buy you peace of mind as these are the programmes with the best security protocols.

4. Encrypt everyone’s laptop

While your team is working at home it is imperative you keep their devices secure.  In conjunction with a secure VPN, encrypting your team’s laptops will increase the protection around your most sensitive data.

To further increase the security around your laptops you could also tell staff to turn off Wi-Fi, Bluetooth, and Find My Device.

5. Implement RSA passcodes

If your staff needs to generate an RSA code to sign in to your systems as well as their regular passwords, it will be almost impossible for anyone other than the people who are supposed to be able to access your network to access your network.

6. Limit the use of personal devices

While we are working remotely, it is often easier to use our personal devices.  As personal devices are less secure this can make your company’s data more vulnerable.  Therefore, it is sensible to limit your users’ mobile access to your most sensitive data or restrict access entirely unless it’s via your company’s network.

7. Introduce multifactor authentication for mobile devices

As smartphones are easier to hack, adding additional passcodes and fingerprint authentications to open more sensitive data will add an additional layer to your data security.

8. Implement two-factor authentication protocols

If you need to verify your identity every time you log into your account with a second self-generated authentication, unauthorised access will become more difficult.  The right authentication software will also generate alerts when someone has unsuccessfully tried to log in which introduces an even higher level of security.

9. Keep all your software up to date

The latest software releases have the latest security.  Make sure your team understand the benefits of accepting every software update.

10. Keep your anti-malware software up to date 

Keeping your files safe whilst working remotely immediately becomes easier if everyone has an up to date an anti-malware program installed in every device.  The best intentions won’t protect your data.  You need to invest in state-of-the-art protection.

11. Ask for help

The importance of data security cannot be overestimated.  In today’s world it is absolutely vital not only to your day-to-day operations but also to your corporate reputation and standing in the market.

If you are unsure how to make your client, financial and operational data totally secure, you should ask an expert in cybersecurity and digital workflow.