Suddenly the office is in shutdown, and for the first time you have a significant number of people working from home.
The team is coping, but you’ve got a nagging doubt about whether these hasty IT arrangements are secure. You ask IT support a few questions about cybersecurity, but the answers seem to be in a different language!
Well, you should be concerned. Criminals are ramping up their activities, because systems are more vulnerable when people work from home.
But there’s no need for panic. Most cyberattacks are successful simply because basic steps haven’t been taken.
Here is a simple checklist to ask the person responsible for IT. The answers should all be YES!
Protect your data
- Do we know for sure that our backups are actually working?
- Does data stored on a home user’s hard drive get backed up?
- Does our central data storage have versioning?
- Have we got a Data Loss Prevention system running?
Protect your remote devices
- Do we have multi-factor authentication set up for our systems?
- Will our anti-virus, anti-malware and patching tools automatically update for home users?
- Has everyone who’s working from home signed a communications and internet usage policy?
- Have we given cybersecurity training to the team within the last six months?
- Are our GDPR policies appropriate for people working remotely and at home?
Protect your network
- Do we use a Virtual Private Network (VPN) to connect remote users to the company network?
- Is our email system encrypted, and has DKIM, DMARC and SPF been set up on the Domain?
- Do we have mobile device management systems controlling all mobile equipment on the network?
- Do we have an appropriate system usage and data management policy?
- Are business applications configured to provide least-access privileges?
Stop the bad guys
- Is our video conferencing protected against rogue attendees and are calls secure?
- Have we got proper checks in place to stop us losing money through fraud?
- Are our remote support tools secured against rogue access?
If you value your business, make sure the answer to all these questions is YES. If you are not sure submit this list to your IT support team for a full security check. Better safe than sorry.
If you need some cybersecurity advice call us and we can put you in touch with some good guys.