The pandemic reshaped the way we all work – at least for a while – and has opened the door to ways of working for businesses that hadn’t even contemplated it before. Now, companies are starting to welcome back employees to office spaces as all feel our way towards what will be, for many, a future of hybrid working.
Just as mass remote working brought challenges, so does a full or partial return to the workplace – especially if security protocols are not consistent or clear. A recent report from Tessian found that 39% of employees admitted to using different security behaviours when working remotely to the ones in place in the office.
Amid increasing threats from malware, hackers and data leakages, it is crucial that every business takes the necessary steps to protect its data.
Here are five steps to take.
People are often the weakest link in any IT security chain – no matter how secure your systems, humans can make mistakes and are vulnerable to being fooled.
Make sure your people are trained or are given refresher courses on the importance of good cybersecurity practices, such as never disclosing passwords or financial information on the phone, or watching out for suspicious attachments, emails or instant messages.
Refresh and reinforce a clear cybersecurity policy and make sure every member of your team understands the secure behaviours expected of them.
Remote devices were a godsend during lockdown, giving workers access to systems from the home. Many workers used whatever was to hand – whether that was their personal device or a company laptop. The also used home broadband connections (and probably still do). All of these are susceptible to hackers and could become infected. Staff who then bring them into the office can spread that infection. Ensure your IT provider checks all devices for malware to minimise the risk of this happening.
Your people should be trained in the importance of strong passwords to secure company accounts. As the first line of defence against cyber-attacks, staff should use complex passwords as standard.
Strong passwords typically consist of at least eight characters with a mixture of upper/lower case letters, numbers and special characters. The more complex a password is, the more secure the computer will be.
Your company can also set password expiration dates, so that employees update their security regularly. This will improve your businesses protection across all devices and help prevent attacks.
Two-factor authentication, used alongside complex passwords, provides a constantly changing unique code to a trusted device.
This form of authentication is easy to set up and is effective against malicious attacks, as the code is needed alongside a user’s regular login information and password to pass authentication checks – making life much harder for hackers.
Older software is more vulnerable to hackers, so make sure any devices brought back into the office have been fully updated to the latest versions, supported under your company’s security policy. Your IT department or provider should set up automatic updates and monitoring tools to alert them of any breaches.
Contact us for further details on IT Strategy.