Cyber security in the workplace, working remotely and how to stay safe.
Recently we must have all seen the headlines about major hacks and widespread new IT security threats and data breaches in the business world.
Many would say cyber security as a concern has risen recently to the top of the business agenda, but over the last few years there has been a growing threat that needs more and more effort to contain.
The need for accessibility and mobility from today’s growing remote workforce continues to change the working environment, opening up businesses to the risk of a cyber-attack.
Cyber-attacks can be a severe disruption for a business, cause considerable financial damage and undermine the trust of customers.
Living a connected life
Whether you’re working as an independent consultant in the latest start-up or part of a more established consulting agency, the ability to work remotely and access business applications is transforming how we work.
We also live such connected lives, sometimes with an online at all costs attitude which can compound problems – especially if you do not manage the threat of a cyber-attack.
What is cyber security?
Cyber security are actions taken to protect your hardware, IT infrastructure, business applications and sensitive data from unauthorised access.
No business is too small to be considered a target for a cyber-attack, as these attacks are indiscriminate, automated and attack any company that works online -exploiting known system vulnerabilities.
You can manage your online security in the same way as you would protect any other aspect of your life. You wouldn’t leave money or other valuables just laying around in public, you know there is a risk so you would take precautions.
Start with adopting best practices with regards working online or in the workplace to reduce the risk of any threats. That means keeping up-to-date with software updates and upgrades, adopting a strong password regime and trusting your instinct when it comes to suspicious emails.
In terms of hardware, remember to install anti-virus software on your computers, tablets and phone to protect against viruses or malware. Plus, don’t forget to security mark the hardware, have somewhere safe to place it overnight and look at backing up your data so that you can always access it.
And keep on top of what to look out for in terms of the latest threats, without feeling you are always in a “state of emergency” which can be exhausting.
Addressing bad IT habits
It’s human nature, but what tends to happen is that we fall into bad habits, as the risk assessment becomes lower, with the latest “IT storm” having passed we let our guard down.
As IT systems’ themselves have become harder to break, hackers are searching for other weaknesses to exploit. And that tends to be human fallibility.
Hackers access systems by gathering information from social engineering using social media profiles to try and figure out passwords, or exploit general bad password hygiene or steal devices left unprotected.
The value of education
So, it is critical as a business to make all employees, consultants, and freelancers conscious of the value of data and that protecting it is also their responsibility.
And with the new GDPR 2018 data privacy legislation there are serious penalties for non-compliance with regards data breaches, as well as the direct impact on a business from unauthorised access.
According to research in the UK by Citrix a survey of 2,000 workers found that almost half of those polled regularly use passwords to protect home documents, whereas only one in three do so at work.
The findings suggested that employees, are mindful of taking steps to safeguard their own data, but automatically assume that the responsibility of maintaining the work IT infrastructure lies with their employer.
Plan how to manage IT security risks
A cyber-attack could take place remotely, on third party systems that hold your data, or by employees sharing confidential information.
These incidents can happen maliciously or by accident, so allocating time to creating an effective cyber-attack strategy, that lays out what to do in the event of an attack can save both time and money if it happens for real.
When you are creating a plan, establish how much of a risk you are to an attack. Make sure you are aware of any obligations under the new GDPR rules and identify critical assets that are essential for a business to operate and assess how quickly they can be accessed with a fully thought-out recovery plan.
At Brainping we always believe in having a plan, whether that be for cyber security or for how to develop your consulting business. Contact us if you want to know more about how Brainping can help bring some stability to how you manage and find your consulting contracts.
Image source: www.freepik.com