Improve Cyber Security Upon Returning to the Workplace

Posted By: Helen Wednesday 9th June 2021

As restrictions continue to dissipate we’re seeing more employees return to the workplace every week. Today we’re discussing how you and your team can remain cyber aware in a bid to avoid any unnecessary attacks.

Monitor any Dubious Activity

Prior to the return of employees, ask yourself the following questions:

  • Are networks fully monitored & secure? 
  • Do we have the appropriate controls & procedures in place?

We’re getting a little technical;

Managing IT support in house works well as long as you have a dedicated professional to action this. Anomalous user behaviours such as VPN abuse and signs of attempted access to private network areas need to be determined, highlighted and dealt with within your team, accordingly. When outsourcing IT services, you can request this from your partners, if they have not yet already completed this action.

Be open with your team;

It’s all about communication. Having welcomed everyone back, discuss and encourage the safe use of internal and cloud based systems. Urge employees always report any form of suspicious IT related behaviour, no matter how small it may appear. Should you notice genuine mistakes push forward with positivity through training and adhering to best practice.

“Coming together is a beginning. Keeping together is a process. Working together is a success”.

Henry Ford

It all begins here;

Coherent Guidelines & Dedicated Training

Upon returning to the office, business owners and higher management are now responsible for ensuring the health and well-being of their team based upon COVID-19 government guidelines. As individuals across the country are getting used to this ‘new norm’, it’s intrinsic to also safeguard internal IT processes and systems.

How do we do this?

Whilst many people have become used to working from home, there’s the potential that some/many have used personal devices to access corporate files and information. As a leader your first port of call is to relay ANY of the latest security risks and relevant updates, to your team.

Don’t put training off;

Whilst COVID has proven extremely difficult in terms of finances for many industries, cyber criminals have in fact thrived on the pandemic, much to our dismay. Over the last year it almost feels like the UK has been subject to a new and improved scam/attack, each and every week. Alerting staff to the past and most recent cyber-attacks is intrinsic upon the first steps over the office threshold.

Cyber criminals are even including COVID-19 related safety training as a way of accessing data and spreading malware. Make sure to thoroughly research any training materials so they can be securely accessed whilst highlighting these resources as the ONLY ‘go to’ information.

Failure to inform team members at the earliest possible opportunity could result in potential disaster via a nasty cyber security breach. 

“One single vulnerability is all an attacker needs”

Window Snyder

Questionable or Unapproved Software

Back to working from home. During this period of time, employees may have installed software with the idea this will make their working week simpler. Unfortunately, such actions pose risk, especially when carried out without the knowledge and consent of an IT team.

What could happen?

Unfortunately, the layman won’t tend to think about any adverse IT related complications when downloading something they feel offers viable assistance to their tasks. Software not approved by the professionals however holds the potential for long term negative effects including GDPR compliance risks. Based upon some recent research, it’s scary to note that over 58% of managers/company decision makers have stated employees are more likely to avoid security practices when working from home. Is this down to idle behaviour or could it be that individuals aren’t as fully informed as they should be? Revert to training.

“Cyber Crime is the greatest threat to every company in the world”

Ginni Rommety

Review Systems Access

The hybrid method and fully working from home has resulted in many different challenges in businesses including IT. For example, security settings such as IT whitelists have had to be relaxed in order to grant users the relevant access required from home. Upon getting back to the ‘new norm’, make sure firewall settings are reviewed regularly in order to identify any potential risks.

Do you have employees who will not be returning due to a new job? Make sure their access is swiftly removed to prevent problems arising such as the theft of data and sensitive information.

“Passwords are like underwear! You don’t let people see it, you must often change it and you should NEVER share it with strangers”!

Chris Pirillo

Sanitise Your Systems

At LaneSystems we’re firm advocates of system sanitisation prior to re-integration of your team.

Before employees begin using their systems, it’s important the following are completed:

  • Vulnerability Assessments
  • Updated Antivirus Software
  • Latest OS Software Updates
  • New STRONG Passwords

In addition, it’s highly recommended employees returning to the workplace connect corporate business devices to a guest or temporary network in the first instance. These can be fully connected to the main network once sanitisation is complete. Personal devices should be restricted indefinitely.

“Treat your password like your toothbrush. Don’t let anybody else use it and get a new one every six months”!

Clifford Stoll

There’s lots to think about in 2021 and as we’ve mentioned a few times in this blog, we have no other choice than to adapt to the ‘new norm’ in the workplace. Ensuring your company is cyber secure both in the office and whilst employees work from home is essential to the security of data and sensitive information.

“If you spend more on coffee than on IT security you will be hacked. What’s more, you deserve to be hacked”!

Richard Clarke