Vulnerabilities in remote working

Unfortunately, due to the Covid-19 pandemic many industries, including the digital working industry, took a hit. However, this hit was luckily not as drastic for the digital world, as many individuals and businesses were able to begin working remotely as the global health crisis hit, as opposed to shutting down completely. While the flexible working arrangements of the past year and a half have definitely been more convenient, it doesn’t come without its risks.   

Exploiting vulnerabilities  

It would seem that with the shift to remote working, many people have become complacent about their cybersecurity habits. One of the main vulnerabilities in home-based working is the use of personal devices and accounts. When using a personal device or account to move data, it makes it easier for hackers to gain access to and subsequently exploit that data. This is because personal accounts don’t usually use multi-factor authentication (the use of two or more factors to gain access to data). Also, without the protection of software such as firewalls and blacklisted IP addresses, which are used in office-based security, we are much more vulnerable to cybercrime.  

One of the most obvious security threats of remote working is out of date software. We are all guilty of ignoring the little pop-ups that remind us of the inevitable - it’s time to upgrade our computers. So as is routine we click “remind me later” until the updates can no longer wait, and our devices demand that we fix their performance issues. At home, we tend to be more lax about the precautions we usually take in the office to prevent cyber security problems. 

Phishing emails on the rise 

Another threat in a hacker’s toolbox is the classic phishing email. These scams are usually designed for the purpose of stealing someone’s personal data and details or to download malware onto their device.  According to a recent report, there has been a 600% increase in reported phishing emails since the end of February. To help reduce the risk of such scams, all work should be done on a company issued device where possible. Corporate devices are subject to remote access security controls, which mean that it will mitigate the risk of hackers gaining access to an employee’s data. 

Minimising the risks 

Whilst it’s a difficult process to make sure that you are fully protected against cyber threats, there are measures that can be taken to prevent incidents of cybercrime. For example, when working from home, if you do not have access to your company account or device and need to use your personal computer and email to complete work, use a VPN (virtual private network). A VPN is designed to establish a secure connection between you and the internet. When using a VPN your data travels through an encrypted virtual tunnel. VPN connection makes your IP address invisible, thus making it secure against external threats. 

Employees should also be aware of suspicious emails whilst working from home. Phishing scams are easy to detect once you know what to look for, so always be wary of clicking on emails and links that appear dubious. Emails sent from public domains like @gmail.com shouldn’t be trusted. Legitimate organisations will always have their own email domain for example an email from Indeed will include @indeed.com.  

Also remember to check for grammatical errors in the domain name of emails and in the email itself. As a general rule, scam emails are always badly written. Most importantly, never open an attachment in an email that you were not expecting. The likelihood is that it will download a virus or piece of malware to your device that will either corrupt it or steal your personal data. 

Finally, although it may seem unimportant, update your computer. As soon as you get the notification that it’s time to update your device, do it promptly. Out of date software is slow and performs poorly and can leave you susceptible to cyber-attacks. Software and antivirus updates are there to help fix flaws in security and protect computing systems. If you don’t like being interrupted by update notifications it is advisable that you select the auto-update feature on your devices so that they install updates without you having to do it manually. 

Cyber-attacks are increasing each day so it is vital that you take extra effort to safeguard your company and personal data as well as computing devices. Having robust cybersecurity measures in place will ensure that you are protected from cybercrime while working remotely.