10 Things You Can Do To Stay Safe

Working From Home And Surviving The Cyber Attacker

10 things you can do to stay safe

We are living in a new world order right now with many of us finding ourselves working from home, without the protection and constraints of our usual places of work.

This makes working safely even more important.  Here are ten things you can do to ensure you keep yourself, your employer and your data, safe.

  1.  Check the security settings on your PC or Mac to ensure your system has the latest patches and that you are running a quality anti-virus programme. It should be set to auto-check for new updates and also run a regular scan.
  2. Review your passwords.  They should be strong, that is to say, that they should include upper and lower case letters, numerals and special characters or, be a phrase that is more than twenty characters long, with no spaces. Try to avoid personal information and do not fall into the trap of opting for your birthday or pets name!  Default passwords should be changed immediately.
  3.  Ensure that you regularly review and change your passwords and don’t rely on one for everything. If you are struggling to remember your passwords, never store them in a file on your device, such records can easily be found. Opt for an online password manager such as LastPass. These services can generate strong passwords for you, as well as storing them, where only you have access. But if you distrust online password managers, your only option is to write them down on a piece of paper. If you do this, take a copy so you have a backup in the event that your original is lost or damaged and hide the papers, not near your device, when not in use.
  4.  Establish two-factor authentication security, if you have the option. This process involves you not only entering a strong password, but also a unique, one-time password – which is sent via text or, a code taken from your smartphone.  This code is then used to establish your identity. These password generators are often free and are available from many companies such as Google and Microsoft.
  5. Your devices will connect to your internal network to gain access to your broadband connection, so always check your router settings and ensure you have changed the default passwords and, ensure that encryption is switched on (you will see terms such as WEP in your settings for the encryption). Also, change the device or router name, so it does not identify the manufacturer or ISP. This just makes it harder to determine from the outside. Also, never use your surname or address as an identifier, this is just exposing your personal information and every little bit of information you leak, could be used against you. If you have your router on a windowsill, make sure the details on the back of it are covered. Often the router password or encryption key is noted here. Better still, don’t have the router on a windowsill!
  6. Check your router activity log regularly, to see what has or is connected to your network. Most routers have a log of all devices that are connected. Any you see which you do not recognise could be a hacker’s device ‘listening in’ on your network. Also, check to see if any connected device is communicating out to the worldwide web when not expected. This could indicate your device has been compromised and it is sending out your personal data or, it could be being used, along with thousands of other devices, to attack other web sites which was the case with Spotify, Netflix, and PayPal, who were temporarily shut down, due to such an attack.
  7. If you have the Internet of Things devices attached to your network, such as Alexa, camera-enabled doorbell, CCTV, WiFi kettle or fridge etc., ensure these devices are secure and that default passwords have been changed. Most of these devices are insecure if not correctly configured and as they are on your network, if they can be compromised, then they can be used to attack or monitor you. Just imagine a hacker taking over your CCTV camera and listening to your conversations or noting down your password as you type it out!
  8. If you have confidential papers or data at home, ensure you put these away after you have finished for the day. Compliance extends to wherever data is handled and working from home will not exempt you from GDPR, PCI or any such regulatory controls.
  9. If you have children and they also have access to a device, never set their profile to be an administrator. The easiest person to hack is a child, as they will click on links without considering the security. By stopping their device from installing a program, many trojan’s and viruses will be stopped. It might be a pain them asking you to authorise a download, but it will save you a lot of grief if you have to set up new bank accounts!
  10. Before you click on a link in an email or open an attachment, consider if the email looks genuine. Is the spelling correct, or the language used in line with what you would typically expect from the sender. Hover your mouse pointer over any link and see if the destination address matches the sender’s address. If in doubt, don’t click anything and contact the sender via a new email or via a second channel, or copy the link or attachment into a scanner site such as VirusTotal or Trend Micro. Click here for more advice on email security.

By practising good cybersecurity techniques, we can keep our data safe as we continue to work from our homes over the next weeks and months.

Business Continuity in Uncertain Times

Coronavirus – How can we help?

Covid-19 is in the news throughout the day, social media alerts on every platform. We are now officially in ‘Lockdown’ and we need to make sure as many of our employees can work from home, safely & securely.

How can we help your business continuity in uncertain times?

As a remote worker myself; I know of the many benefits this can bring but also know that you need to make sure that you have the right security parameters in place to make working from home as seamless and secure as possible.

If your business does not currently have facilities to offer home working to your staff, Digital Pathways are offering a FREE service to identify and scope out what would be required to facilitate remote working, as well as for those businesses that are looking to expand their current set up to add additional homeworkers to an already existing solution.

Please be aware!!!

We are hearing of increased threats and cyber-attacks taking place with regard to email phishing, scam emails and hackers utilising weak security defences on unsecured networks as more and more people are working from home.

One particular email supposedly coming from Public Health England offering a free hand sanitiser if you click the link.

Please DO NOT click links unless you can confirm it is from a reliable source, check this by hovering over the email sender.

More information and guidelines are available here in our recent blog on email scams.

How we can help

If your organisation already has the facilities for remote working, we can help with:-

If your organisation is looking at a remote working environment for your staff and don’t know where to start

We can help

  • With a scoping exercise to identify what would be needed to facilitate secure remote access and home working
  • With identifying any additional equipment or hardware that might be needed
  • With email protection
  • With endpoint protection
  • With security monitoring
  • With staff online training for working from home

We also have a range of Managed Security Services for businesses that do not have any internal security resource.

During this time of uncertainty and concerns we are offering a FREE scoping exercise to all businesses in need of assistance in preparation, planning and projects to enable remote working environments.

If you have any concerns about remote working or need any advice or recommendations on working from home securely or are looking to put in place the facilities for your teams to be able to work from home securely and efficiently, please do not hesitate to get in touch either call 0844 586 0040 or email [email protected]. We are here to help in these uncertain times.