Cyber Risk and Working from Home

Many people are still working from home. Some offices offer a hybrid work option, meaning that even more people are connecting to their employer’s systems remotely. But system security features that are in place at the office don’t always extend to workers’ homes. No small wonder that cyber risk is higher than ever before. 

Hackers know that remote workers often don’t have the same security set-up at home as they do at the office. But even when strong security protocols are in place, hackers can get in and data breaches happen. Why? Because human action has long been reported as one of the highest cyber risks. Temptation to fall for click bait – and trouble – seems to be even higher for people working at home in their jammies.

Cyber risk when working from home can leave employer’s systems vulnerable to hacks and malware. Employers can reduce cyber risk by providing remote support in these four IT control areas:

  1. Firewalls and Anti-Virus Software

Home workers should be required to install a firewall and anti-virus software. Firewalls protect against outside attacks and can be configured to block data from suspicious locations and allow relevant and necessary data through. Anti-virus software scans computer files and memory for patterns that may indicate the presence of malicious software.

  1. Program and System Updates

Home workers should download and install all program and system updates. Skipping updates and patches creates vulnerabilities that can be exploited by hackers and scammers. Workers should set up updates to be pushed automatically to their home computers and other devices to ensure they stay up-to-date.

  1. Passwords and Two-Factor Authentication

Home workers must use passwords for all system access and should be encouraged to use two-factor authentication. Two-factor authentication means the user must enter username and password plus another step, such as entering a security code sent via text to a mobile phone. Passwords used at home should follow the same strength protocols as those used at the office.

  1. Phishing Emails

Home workers should be trained never to open an email from a suspicious source, click on a link in a suspicious email or open an attachment without scanning it first. Otherwise, your worker could be a victim of a phishing attack and your data could be compromised. Workers should not click on links in pop-up windows or follow links that offer anti-spyware software.

More working from home equals increased cyber risk because basic IT controls at the office don’t automatically extend to home, leaving systems vulnerable. Employers must train and support their home workers about these four essential IT control areas to reduce cyber fraud and protect business systems and data. Hackers are looking for workers at home in their jammies to tempt with click bait – don’t let that be you or your workers.