Our team is committed to supporting you through this challenging time. With the high volatility of the global COVID-19 pandemic, we remain firm to our values, putting people first. Our team is working remotely with the aim of zero downtime in our support towards our customers and partners.
One of the key measures to reduce the spread of Coronavirus COVID-19 is social distancing, which for many organisations means encouraging – or instructing – staff to work from home. But moving at short notice from a trusted office environment to working remotely can create security risks. This situation is further exacerbated by opportunists looking to take advantage of the high profile of the pandemic using it as subject matter for their phishing scams.
With the rapid increase in remote working in mind, European cybersecurity agency ENISA has set out a series of recommendations for companies moving to teleworking as a result of COVID-19.
- Do not mix work and leisure. Use your dedicated company allocated device(s) for business applications and keep any gaming, online shopping, browsing or other leisure activities strictly on your personal devices.
- Be wary of any emails referencing the coronavirus, COVID-19 in the subject or body, especially if you do not recognize the sender.
- Be suspicious of any emails asking to check or renew passwords and login credentials, even if they seem to come from a trusted source. Always check with the dedicated IT team in your organisation prior proceeding with any action.
- Be cautious of emails from people you don’t know – especially if they ask to connect to links or open files. Emails sent from people you know but asking for unusual things are also suspect. If in any doubt, always check by phone or other means first.
Other security advice for home working for employees includes:
- Ensure your Wi-Fi connection is secure. While most Wi-Fi is correctly secured, some older installations might not be, which means people in the near vicinity can snoop your traffic.
- Ensure anti-virus is in place and fully updated.
- Change the default password of your home WiFi. Choose a strong password, 10 characters, Upper case. Lower case, Numbers and Symbols
- Check all security software is up to date: Privacy tools, add-ons for browsers and other patches need to be checked regularly.
- Do not use personal USB drives on corporate devices.
- Have a back-up strategy and remember to do it: All important files should be backed up regularly.
- Avoid working in public spaces. At this time social distancing is very important. Additionally, the internet access in public spaces is not as secure as your home connection.
- If you do need to work from a shared location, make sure you lock your screen when away from your device.
- Make sure you are using a secure connection to your work environment.
- Check if you have encryption tools installed.
The organisation should ensure:
- People have sufficient instructions and advise on how to react in case of problems. Clear contact information and procedure should be provided.
- Give suitable priority to the support of remote access solutions. Employers should provide at least authentication and secure session capabilities (essentially encryption).
- Provide virtual solutions where possible and necessary. For example, the use of electronic signatures and virtual approval workflows to ensure effective continuation of operations.
- Ensure adequate support in case of problems. This may require setting up special rotas for staff.
- Define a clear procedure to follow in case of a security incident.
- Consider restricting access to sensitive systems where it makes sense.