Small businesses that have limited IT experience inhouse can take some simple steps to reinforce their homeworking cybersecurity:
1 – Ensure all devices are password protected
The first and most important of these by far is to ensure all devices are protected by a complex password or PIN for mobile devices or website logins. Make sure this contains special characters and no personal information. Furthermore, if the business is using a solution that supports it, such as Office365 or Google Apps, it’s always worth enabling MFA – that is multifactor authentication. This sends each user a unique expiring code to their phone every time they login, which adds an additional layer of protection and further reduces the risk of an intruder gaining access to the system.
2 – Keep installing updates for all computers
Make sure to install updates for all devices and computers as soon as possible after they are released; getting these installed is a key line of defence protecting users online.
3 – Make sure antivirus is installed
Check that all devices have a current and up-to-date antivirus solution installed.
4 – Enable encryption on devices
There has been a spate of ransomware attacks recently in the media – which is where an attacker encrypts all your files and tries to sell the keys to the unencrypted versions back to you. Businesses can protect against this by using a cloud storage system, such as Onedrive for those running Office365, or Dropbox, as these all provide ways to go back to previous versions of files if the system gets infected with ransomware. But make sure it has a strong password, as discussed in point 1.
Enable encryption on all devices – Bitlocker on Windows, FileVault on MacOS or encryption on an Android phone. Make sure to keep a note of the recovery keys somewhere safe.
5 – Monitor your network for intruders
Finally, given the current circumstances, there is a heightened need for businesses to proactively monitor their network for potential threats and vulnerabilities, rather than simply reacting to threats as and when they become a problem. As with most issues relating to security, one of the hardest components to manage is the so-called “human factor”. This is just one of the reasons why our new my. plan platform enables businesses to see what data is being used on employees’ mobiles, so they can make risk-based decisions as to what should and should not be acceptable use on company devices, as well as being able to block websites that host suspected malware so that your users cannot get to them in the first place.