Information to help your business benefit from telecommunications

Bolting the Cyber Stable…

Padlock on computer

As increasing numbers of us return to our offices to work, leaving a significant number working from home, we’re taking a break from our series on the cultural differences to expect when working with overseas companies and personnel to look instead at cyber-security and the risks involved with having a dispersed workforce.

We all know that hackers are becoming increasingly sophisticated and, somehow, malicious with it. Our natural inclination when under attack is to draw inward and become insular, but the practicalities of life encourage quite the opposite. Yes, you can run your business from your sitting room, or a beach in Greece come to that (if you can get there), but with such freedom comes risk. Even before Covid (BC?) a workplace survey reported that 50% of employees across the working world work away from their office at least two and a half days per week. Covid will substantially add to those numbers, as will the increasing tendency towards freelance working. It’s a recipe for cyber trouble.

Cyber specialists refer to what they call a company’s “attack surface”, which is the extent of vulnerability or exposure to digital attack. It grows with every network and system your company is connected to, and most of the problem is in knowing who to trust to connect to or allow to connect to you and your internal networks.

Generally considered a fundamental piece of advice is to move all business applications to the cloud, so that wherever your members of staff are, your data remains on the company’s servers.

The next thing is to tightly control who can access your data. Would you let a temp leave with a key to your front door? We hope not…Of course you can’t really expect your staff to fully appreciate the additional security measures you may be implementing, so informing and training is vital. We’ve written in the past about the potential security risks of a BYOD culture. Bringing Your Own Device, be it a phone, pad or laptop from home to the office blurs the security boundaries between going on line at home and at work. You may spend thousands on firewalls, but if your employees fail to recognise the value of, say, two step authentication, then it’s all for nothing. How many, for instance have heard of “tailgating”, where an attacker compromises your device when away from the office and then has wrecking access to your company when you log on there?

Forbidding any private devices is not the answer. Having a restricted list of permitted sites could be a good start. Third party device management could be an option, albeit not a popular one, but even more simple ideas will help. Did you know that just under 30% cyber breaches are down to stolen passwords and often those are because they’re too obvious. 1234567, seriously?

We’ve mentioned two step authentication, but there’s so much more. Fingerprint or facial recognition is common on mobiles, why not in your office? Access that demands the answering of a personal question, Whatever your solution it has to be practical and easy for your employees to engage with. So, cyber-security? Don’t wait until after it’s happened! If you’d like advice or help in this area, give us a ring…our lines are secure!

comments powered by Disqus