A leading North-east IT professional is warning businesses that the increase in working from home may expose them to a higher rise of cybercrime.
Austen Clark managing director of Clark IT will be participating in an SCDI webinar on Thursday 14 May advising businesses on how to protect themselves. In some areas of the UK, burglary has fallen by 37% as more of us work from home during the pandemic and shoplifting has fallen by more than 50% as fewer shops are open.
One of the few areas of criminal activity which has shown an increase in the UK is fraud, with Home Secretary Priti Patel, reporting at a recent Downing Street briefing, that losses for coronavirus fraud now stand at £2.4 million. There has been a major increase in the number of cyber-attacks since more of the working populations began homeworking. The National Cyber Security Centre (NCSC) has reported that phishing crimes are also on the rise. Cyber security has never been more important for UK businesses.
Austen Clark will be delivering the benefits of following a recognised certification with Cyber Security advice to businesses on how to manage these risks during the SCDI webinar. Security for your business data is best used in a layered approach according to Austen; there is no single solution.
“Businesses should be asking, ‘What is mission critical that we cannot be without?’, says Austen.
“Businesses can protect themselves, their workers and their IT while working from home by following some tips.”
Use secure passwords
Password security and hygiene with regular changes is one of the best defences. Firms should also implement multi factor authentication (MFA) where possible to access company resources.
Employees should use a unique password for each online service they access. It makes it very easy for criminal fraudsters to breach your security if individuals use one recurring password. Setting strong passwords for user accounts is a necessity. You can use NCSC guidance on passwords and review your password policy.
Setup a secure VPN
Virtual Private Networks (VPNs) allow home workers to securely access your organisation's IT resources (such as email) and to connect into the office to access company information. If you already use a VPN, make sure it's fully patched and supports SSL access.
Advanced Email Protection
Email is currently at high-risk from cyber criminals.
These lawbreakers are preying on fears of the coronavirus and are sending 'phishing' emails that try and trick users into clicking on a harmful link. Once clicked, the user is sent to a hazardous website which could download malware onto your computer, or steal passwords. The scams may claim to have a 'cure' for the virus, offer a financial reward, or be encouraging individuals to donate.
Whether you run a business, charity or an educational establishment; we recommend that you use an e-mail filtering service that scans all e-mails for threats such as malware, phishing or impersonation. It’s especially important to scan attachments, if your staff are using their own devices.
Ensure your domain name systems (DNS) records are up to date – check your domain name using the tools – https://mxtoolboxs.com.
Correctly configured sender profile framework (SPF) and authentication protocol DMarc records can stop spoofing your organisation’s e-mail domain.
Secure your device
Make sure that no one in your organisation ignores software updates - they contain patches that keep your device secure.
Always lock your device when you're not using it with a PIN, password, or fingerprint/face id. This will make it harder for an attacker to exploit a device if it is lost or stolen.
Avoid downloading suspect apps. Only use official app stores (like Google Play or the Apple App Store), which provide some protection from viruses.
Removable media
USB drives inserted into your IT systems can introduce malware. When USB drives and cards are openly shared, it becomes hard to track what they contain, where they've been, and who has used them. You can reduce the likelihood of infection by:
- disabling removable media using MDM settings
- using antivirus tools where appropriate
- only allowing products supplied by the organisation to be used
- protecting data at rest (encrypt) on removable media
The SCDI webinar can be booked here https://www.eventbrite.co.uk/e/cyber-security-webinar-guidance-to-protect-business-investment-tickets-104428374078.
Clark IT provides IT support, cloud and cybersecurity solutions to a wide range of SMEs across the North-east and wider Scotland from its base near Turriff in Aberdeenshire. It has supported scores of businesses of all sizes to transition to Office 365. To find out more, visit the website www.clark-it.com; LinkedIn @Clark-IT or Twitter at @ClarkIntegTech