Six Cybersecurity Tips When Working From Home in England

If your employees work from home, you must take security precautions to avoid exposing your business to cyber-attacks. Since the onset of COVID-19, many businesses are employing working from home policies. Unfortunately, the rapid switch to home working has left some organisations in England more vulnerable to cyberattacks. This article will outline six cybersecurity tips your business should implement if your staff work from home. Following this advice can reduce the risk of cybercriminals attacking your IT system by breaching pathways designed for remote workers.

Why is Cybersecurity Important for the GDPR?

The General Data Protection Regulation (GDPR) requires all organisations in England to keep personal information safe and secure. If your business suffers a preventable cyberattack, this may constitute a GDPR breach. The Information Commissioner’s Office (ICO) can fine companies that breach the GDPR. Given that the ICO may award fines up to £17.5m it is essential to implement strong security protocol. Weak cybersecurity can cost your business both the damage of the cyber-attack and an ICO penalty.

Let us explore six helpful cybersecurity tips so your company can strengthen its cyber defences and protect sensitive data. 

1. Avoid Unsecured Public Wifi Networks

With home working (and laptops), many employees will work from public cafes or use their home network Wi-Fi router. Most cafes offer an unsecured Wi-Fi network through which a motivated cyberattacker can intercept data. Furthermore, employees often fail to change the default password on their Wi-Fi router, offering another avenue for cybercriminals to access information. Your business should instruct all home workers to change their default Wi-Fi router settings and avoid public Wi-Fi hotspots. 

2. Use Strong Passwords

A strong password is a basic cybersecurity step. Despite being public knowledge, many staff members still use weak passwords such as ‘password’, ‘1234’ or ‘qwerty’. Modern computer programs can help cyber attackers enter thousands of common passwords in a short space of time to hack accounts. Unfortunately, these brute force attacks can often decipher common, well-used passwords.

Strong passwords are even more critical for remote employees. Unlike in an office where individuals must use an office computer to access the system, remote working enables individuals to use any personal device to log in if they have the correct password.

3. Use Virtual Private Networks (VPNs)

VPNs are a relatively modern phenomenon for businesses. These are private internet connections that seek to mask your identity whilst online. While you may not be worried about the websites you access at work, VPNs can also protect the information you share through encrypted online connections. An encrypted internet connection makes it nearly impossible for a third party to intercept the information you enter within that online session. This means you can safely disclose sensitive information such as company card details. 

4. Train Staff to Avoid Phishing Scams

Some business owners ensure regular staff training in the workplace but forget to train home workers. Unfortunately, this can be highly detrimental to your cybersecurity as home workers are equally in need of training. Given that it only takes one staff member to click on a virus-laden link to breach your IT system, it is vital to ensure your employees look out for the potential signs of a phishing email, which can include:

• poor spelling and grammar;
• suspicious email address; or
• the email not having been requested or being a response to a previous email;

Another simple solution, if you receive an email from your bank asking you to log into your online account, is to ignore any link within the email and enter the details in a new internet browser through a secure search engine.

5. Use Robust Antivirus and Firewall Software

A strong firewall seeks to block suspicious network traffic that does not match its security protocols. Similar to a spam email filter, it can block unexpected connections outside your IT server. Good antivirus software is the following line of defence, filtering all network traffic that gets through the firewall and aims to remove suspicious codes. When working well, the firewall and antivirus can act as a sound system in which one catches what the other does not.

6. Regularly Back Up Company Data

Many cyberattacks steal data with the intent of misusing it or holding it until your business pays a ransom fee. This is known as ‘ransomware’. Ensuring your business regularly backs up sensitive data can enable your company to restore systems quickly and potentially avoid paying any ransom.

Key Takeaways

Cybersecurity has become increasingly important since many businesses implement working from home to various degrees. Consequently, remote working allows cyber criminals weaker entry points into your company’s sensitive data. Furthermore, it is essential to have strong security measures to avoid breaching GDPR security requirements. By utilising strong security measures such as a good antivirus and firewall and using VPNs, you can minimise the threat of a successful attack. Additionally, you must also train staff on the proper procedures to avoid cyberattacks. This includes training them to recognise phishing scams, use strong passwords and avoid unsecured networks. 

If you need help with data protection security and protecting sensitive information, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.

Frequently Asked Questions