Skip to content

Six Cybersecurity Tips When Working From Home in England

Table of Contents

If your employees work from home, you must take security precautions to avoid exposing your business to cyber-attacks. Since the onset of COVID-19, many businesses are employing working from home policies. Unfortunately, the rapid switch to home working has left some organisations in England more vulnerable to cyberattacks. This article will outline six cybersecurity tips your business should implement if your staff work from home. Following this advice can reduce the risk of cybercriminals attacking your IT system by breaching pathways designed for remote workers.

Why is Cybersecurity Important for the GDPR?

The General Data Protection Regulation (GDPR) requires all organisations in England to keep personal information safe and secure. If your business suffers a preventable cyberattack, this may constitute a GDPR breach. The Information Commissioner’s Office (ICO) can fine companies that breach the GDPR. Given that the ICO may award fines up to £17.5m it is essential to implement strong security protocol. Weak cybersecurity can cost your business both the damage of the cyber-attack and an ICO penalty.

Let us explore six helpful cybersecurity tips so your company can strengthen its cyber defences and protect sensitive data. 

1. Avoid Unsecured Public Wifi Networks

With home working (and laptops), many employees will work from public cafes or use their home network Wi-Fi router. Most cafes offer an unsecured Wi-Fi network through which a motivated cyberattacker can intercept data. Furthermore, employees often fail to change the default password on their Wi-Fi router, offering another avenue for cybercriminals to access information. Your business should instruct all home workers to change their default Wi-Fi router settings and avoid public Wi-Fi hotspots. 

Continue reading this article below the form
Need legal advice?
Call 0808 196 8584 for urgent assistance.
Otherwise, complete this form and we will contact you within one business day.

2. Use Strong Passwords

A strong password is a basic cybersecurity step. Despite being public knowledge, many staff members still use weak passwords such as ‘password’, ‘1234’ or ‘qwerty’. Modern computer programs can help cyber attackers enter thousands of common passwords in a short space of time to hack accounts. Unfortunately, these brute force attacks can often decipher common, well-used passwords.

Unsurprisingly, the most basic defence is to make the password more complex. The standard advice is to use passwords containing various numbers, symbols and capital letters, such as ‘?uNgue55@blep@55word’.

Strong passwords are even more critical for remote employees. Unlike in an office where individuals must use an office computer to access the system, remote working enables individuals to use any personal device to log in if they have the correct password.

3. Use Virtual Private Networks (VPNs)

VPNs are a relatively modern phenomenon for businesses. These are private internet connections that seek to mask your identity whilst online. While you may not be worried about the websites you access at work, VPNs can also protect the information you share through encrypted online connections. An encrypted internet connection makes it nearly impossible for a third party to intercept the information you enter within that online session. This means you can safely disclose sensitive information such as company card details. 

4. Train Staff to Avoid Phishing Scams

Some business owners ensure regular staff training in the workplace but forget to train home workers. Unfortunately, this can be highly detrimental to your cybersecurity as home workers are equally in need of training. Given that it only takes one staff member to click on a virus-laden link to breach your IT system, it is vital to ensure your employees look out for the potential signs of a phishing email, which can include:

  • poor spelling and grammar;
  • suspicious email address; or
  • the email not having been requested or being a response to a previous email;

Another simple solution, if you receive an email from your bank asking you to log into your online account, is to ignore any link within the email and enter the details in a new internet browser through a secure search engine.

5. Use Robust Antivirus and Firewall Software

A strong firewall seeks to block suspicious network traffic that does not match its security protocols. Similar to a spam email filter, it can block unexpected connections outside your IT server. Good antivirus software is the following line of defence, filtering all network traffic that gets through the firewall and aims to remove suspicious codes. When working well, the firewall and antivirus can act as a sound system in which one catches what the other does not.

Given the current high level of cyber-attacks against companies in England, a robust antivirus and firewall setup are the bare minimum your business must implement. This is particularly true for home workers on company devices.

6. Regularly Back Up Company Data

Many cyberattacks steal data with the intent of misusing it or holding it until your business pays a ransom fee. This is known as ‘ransomware’. Ensuring your business regularly backs up sensitive data can enable your company to restore systems quickly and potentially avoid paying any ransom.

Key Takeaways

Cybersecurity has become increasingly important since many businesses implement working from home to various degrees. Consequently, remote working allows cyber criminals weaker entry points into your company’s sensitive data. Furthermore, it is essential to have strong security measures to avoid breaching GDPR security requirements. By utilising strong security measures such as a good antivirus and firewall and using VPNs, you can minimise the threat of a successful attack. Additionally, you must also train staff on the proper procedures to avoid cyberattacks. This includes training them to recognise phishing scams, use strong passwords and avoid unsecured networks. 

If you need help with data protection security and protecting sensitive information, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.

Frequently Asked Questions

Why do the ICO fine companies who have suffered cyberattacks? 

The ICO takes a firm stance on cyberattacks because the GDPR requires companies to take all possible measures to prevent the theft of personal information. The GDPR aims to inform organisations of their responsibility to fully protect personal data. As such, the ICO issue fines to deter companies that fail to comply with these standards. 

Is it less risky for all staff to work on-site?

Not necessarily. While some companies may be able to limit system access to computers within the workplace only (and deny any remote access), this does not guarantee a cyber-attack will not occur. Instead, organisations should limit the security threats of remote access rather than ban it altogether.

Register for our free webinars

Protecting and Enforcing Your Brand

Online
Protect your brand from misuse and infringement. Register for our free webinar.
Register Now

Deal Structures 101: Understanding Equity, ASAs and Convertible Notes

Online
As a startup founder, understand your capital raising options. Register for our free webinar today.
Register Now

Common Legal Pitfalls for SaaS and Online Businesses

Online
Protect your online or SaaS business from common legal pitfalls. Register for our free webinar.
Register Now

GDPR Compliance Essentials for SMEs

Online
Ensure our business is compliant with GDPR and build trust with customers. Register for our free webinar.
Register Now
See more webinars >
Thomas Sutherland

Thomas Sutherland

Read all articles by Thomas

About LegalVision

LegalVision is an innovative commercial law firm that provides businesses with affordable, unlimited and ongoing legal assistance through our membership. We operate in Australia, the United Kingdom and New Zealand.

Learn more

We’re an award-winning law firm

  • Award

    2024 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2024 Law Firm of the Year Finalist - Modern Law Private Client Awards

  • Award

    2023 Economic Innovator of the Year Finalist - The Spectator

  • Award

    2023 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2023 Future of Legal Services Innovation - Legal Innovation Awards