blogs & Things

Cyber Security For Remote Working… How Everyone Can (And Has To) Pitch In

blogs & Things
wooden toy

Cyber Security isn’t, and shouldn’t, be the sole responsibility of your IT team

 

2020 has seen an unprecedented rise in the rate of remote working and whilst only time will tell if this becomes the ‘new normal’, organisations have already had to take drastic steps to lock down security over these new extended remote networks.

Or they should have at least…

 

Many organisations are still failing in their cyber security and time and time again cloudThing has seen their main vulnerabilities being their remote workers and the access they need to centralised systems.

One of the key points we stress when it comes to cyber security and remote working is staff awareness… to make your organisation an unattractive target to cyber actors, everyone needs to do their part.

Everyone Needs To Understand Their Part

It’s not just the IT department that needs to worry about cyber security.

In an age of remote working cyber security needs to be built right into your organisations guiding principles, with every member of staff aware of their responsibilities. They need to know understand and be able to react to the dangers that working from home can bring to a company, from opening a strange email right through to logging on to a public wi-fi.

Implement Personal Device Policies

In the scramble to enable working from home at the start of 2020 an unprecedented number of organisations allowed staff to use their personal devices to connect to centralised work systems.

In theory there’s nothing wrong with that, but, if the correct guidance isn’t followed, then it can become a cyber criminals dream.

Your leadership team needs to work closely with IT, HR, and the wider organisation to institute secure policies for when staff are remote working that everyone understand, and, more critically, follows.

Staff need to know what it means when they use a personal device, what the consequences could be and what steps your IT team will take to secure company data on it. They might need to download specific security protocols or allow IT remote access to wipe the device if it’s lost.

Make Sure There’s Companywide Updates On The Latest CyberThreats

Cybercriminals are constantly improving their skills, finding new ways to attack your organisation so if Frank from accounts is remote working these days a half hour talk on cyber security when he started two years ago just isn’t going to cut it anymore.

Your IT team will be (or should be) well aware of what’s going on in the wider worlds and they need to work with other departments to communicate that knowledge.

For the foreseeable future the two biggest threats to remote working will be phishing scams and network penetrations.

Phishing scams are nothing new, but your staff should still be kept up to date with the latest techniques cyber scammers are employing as they get ever more sophisticated.

The bigger concern is a disperse ‘home network’ as opposed to the traditionally centralised ‘corporate network’. That kind of setup gives hackers infinitely more entrance points to your vulnerable systems, massively increasing the risk of advanced persistent threat attacks, risking all your data.

Home routers, open management interfaces and ridiculously easy to crack passwords are just some of the issues your IT team need to work hard on to educate your staff, enshrining it in your governances.

Utilise HR & Marketing

As already mentioned, cybersecurity works best when all your staff are onboard. How best though, to accomplish that?

Fortunately you’ll already have two departments within your organisation who’s job it is to communicate… HR and Marketing.

HR will already be set up to communicate effectively with staff, and PR is marketing’s core job… selling others on ideas. Have both departments work closely with IT on how best to communicate the concept of cybersecurity to your staff.

Don’t be afraid to pull your experts from their normal roles to help out in communicating new and vital messages to company prosperity.

Have HR Mitigate The Psychological Impacts Of Remote Working

All these new security principles we’ve been discussing have to be implemented but… HR need to work with IT as it happens so as not to overburden your staff with unfamiliar concepts.

As important as these are, they need to go hand in hand with a positive staff experience.

Surprisingly, one of the biggest cybersecurity risks in this age of remote working is employee satisfaction.

Staff are worried about furlough, redundancy, job security and a whole host of other issues… all whilst coping with the mental stress of a new working environment… putting them in charge of their own cyber security with a whole host of new governances to learn could well be the straw that breaks the camels back.

Insider threats are a very real thing and won’t necessarily take the form of a staff member stealing your data. It could just be with everything else and a disgruntled/don’t care attitude they ignore new security measures from home, putting the entire organisation at risk.

 

That’s why IT need to work HR are about the rollout of cybersecurity controls, to make sure they’re implemented in a way that empowers rather than forces staff to adopt them.

Have a third-party test security measures before making them compulsory… just because they make sense to someone from IT doesn’t mean they’ll be easy to work with to a member of staff with a non-technical background.

Make your staff aware of why you’re doing these things. Rather than just arbitrarily ordering a new way of working on them, explain what the measures are for… you’ll be amazed how much more accepting they become.

Appeal To Their Self-interest…

If you want people to follow your new cyber security governances, then you need to appeal to their own self-interest.

Work related cyber security concerns can feel distant to employees stuck at home so you need to work extra hard to bring these very real concerns to life for them.

That’s where all the above steps come into play, with good governance, training, crafting off the message from marketing and before and after care from HR.

More blogs & Things

More blogs & Things


James Crossland in NonProfit

AI + Automation: Reducing Donor Churn & Maintaining Sponsor Interest

Churn management is a vital element of any marketing strategy, and the NonProfit sector is no exception. Knowing what to track and having a joined up view of all your donations data is vital for getting this right, and also opens the door to building innovative data-driven campaigns.   At our recent DataScience and Transformation in Charities […]


James Crossland in NonProfit

Dynamics 365 In NonProfit’s

Charities have unique funding concerns, and an obligation to spend as much as possible on their chosen cause. However, an investment in technology can offer ROI in the form of more than just improved fundraising. Dynamics 365 can help rework complex business processes, ensure compliance with stringent safeguarding and financial regulations, as well as consolidate […]


James Crossland in Tech

8 Ways Your Business Can Increase Turnover With Big Data

Understand how Big Data and Data Science can transform your business…   Big Data is the phrase that’s used to categorise any data that’s too large, complex, cumbersome or complicated to be managed and processed by conventional technology. To put that into a relatable context; being able to recommend your customers content, products or offers based […]


James Crossland in NonProfit

How To Reduce Donor Churn In NonProfits

Reducing Donor Churn doesn’t have to be a big task but does need to be a fundamental part of a NonProfit’s day to day processes   What Is Donor Churn? Donor Churn is the likelihood of an individual stopping their donations to a charitable cause for a variety of different reasons resulting in the non-profit organisation […]


James Crossland in Tech

Agile: Cutting Costs, Improving Quality & Accessing Talent

After using Agile to develop software products for several years, we thought we’d share the challenges we encountered at the start, what we did to change and the results we saw (which were ultimately uplifts in quality and efficiency)…   My development team has been using Agile to develop software product since 2007. Personally, I’ve seen many […]


James Crossland in Tech

UI VS UX

What’s the difference between UI and UX?   Simply put UI (or User Interface) are the pages, screens, buttons, icons and any other visual aspects of a website or App that let you interact with it… or to expand on that into the non-virtual world… UI is how you experience using something – For instance in opening a fridge, […]


Send us a Message






    Call cloudThing
    0121 393 4700
    DEVELOP • DYNAMICS • DEVOPS • DATA
    By pressing send you agree to our Terms & Conditions