Contact Support

If you are an existing client to get support call us on:

+44 (0)1483 412 042

OR

Login to the portal

Support portal

If you've been given a 6-digit support code

click here

Not an existing customer?

Contact us

Covid-19 (Coronavirus): Cybersecurity considerations for remote working

Understanding cybersecurity in COVID times is vital in order to keep your business well protected. As a Cybersecurity speaker, I’m constantly having a lot of different conversations about Covid-19, and how it impacts cybersecurity concerns. One question that comes up regularly is  “What things (both from a cybersecurity and a technology perspective) should we consider with staff working from home due to the Coronavirus outbreak?” . To answer this, we’ve put together this blog to explain everything you need to know.

Remote worker

 

The basic building blocks that you need to be thinking about are:

  • what, who and how are you connecting
  • when do they need to connect
  • is the connection safe and secure

If you allow remote users to connect to your systems there is always a risk. If their machines are not secure then, by default, neither are yours. Whatever access you’re giving and however you’re going to facilitate it, you need to be thinking about security and your human firewall. Your human firewall is both your best line of defence and also your biggest risk.

Cybersecurity in COVID Times

Cybercriminals are opportunists, and like any other event that can cause vulnerability, they are making the most of the effects of coronavirus in society. Find out more about cybersecurity in a COVID-19 world, and read on to find out what you need to do to keep cyber safe when employees are working remotely.

Access to machines

A common issue is that in the past employers have simply asked staff whether they are able to work from home, and have access to a computer, and have been told yes. The nuance with the current scenario, however, is that we need to consider what happens when an entire family is working from home. You need to know if all your staff have sole access to a machine.

cybersecurity in covid times

If not, for some the solution is to allow staff to take their work machines home with them (laptop users probably do this anyway). If you’re doing this with a desktop you need to think about connectivity. Most home networking is Wi-Fi so you’ll either need a Wi-Fi dongle or consider long CAT-5e ethernet cable to run from the machine to the home router.

Remote access tools

An increasing number of digital applications are now cloud-based. This makes remote working a lot easier, but for any on-premise applications you are going to need to a remote access tool. Which tool you use will probably be decided on based on  what your IT team/provider are most proficient at using, and your appetite to ease versus cost.

Connectivity considerations

With increased remote users accessing an on-premise solution, you may face speed issues due to the size of your connectivity pipe. Many people have a larger bearer (the pipe that carries the service) than the service they are paying for. This is an ideal scenario as it is quick and easy to increase the speed of connectivity for your office.

Anti-virus for all users

One of the most important considerations regarding cybersecurity in COVID times is that a good anti-virus product needs to be used by everyone. For many businesses there is a quality anti-virus policy in the office, but no control over what people use at home. Consider a licensing agreement whereby home users are provided for under the office license agreement. This will allow you to ensure that everyone has good protection. Don’t allow users to use free anti-virus software.

Cybersecurity concerns

Now more than ever you need to put in place a good password policy and, wherever available, use multi-factor authentication (2FA/MFA).

Cybersecurity concerns

Don’t be fooled into thinking that having a VPN provides you with all the security you need. Alone, that is not what a VPN does. A VPN is about providing privacy and a private connection, rather than a secure connection. A VPN is a private tunnel from a user to the main system, and it’s imperative that we take the security steps to ensure that the tunnel is secure at both ends. If not, cybercriminals can simply come through the tunnel and attack your systems.

Cybercriminals are making the most of the current environment of heightened fear. They’re using Coronavirus-related opportunities to attack users and their machines. There are a lot of cyberattacks and malware problems being delivered under the guise of either Covid-19 advice or as an interactive Covid-19 Virus Outbreak Map. Please advise your users to be aware of this and not be tempted to click on social media clickbait.  Learn more about avoiding coronavirus scams.

Coronavirus spam

Coronavirus-related spam is also booming now. In addition to the usual filtering platforms, you can reduce the problem by getting your mail domain and system administrator to lock down your generic email accounts.

Account settings

Help safeguard a machine by paying attention to the local-admin account setting. The user account that someone uses on their machine should always be set to ‘standard’ and not to ‘local administrator’.

In the office your IT team should have this in hand but, at home, many users have a default local administrator account. What this means is that if the machine is compromised, a cybercriminal has full access to make changes and cause maximum harm.

To fix this problem at home, follow these steps:

  • first create a new user as a local account (you do this under control panel and users)
  • name the account admin
  • change that user’s account type to be a local administrator
  • select and change the normal user account type to be standard

Users should now use their standard account on an ongoing basis, only switching to the admin account when they want to make changes to their machine configuration.

Data protection

You must give thought to what data remote users are generating and where it’s stored. This has an implication on your GDPR responsibilities as well as prompting thought about backup needs and requirements. Where possible, save to your corporate system/cloud solution and if not, you may need to consider a local backup solution such as rotating external hard drives.

Webcams and video calling

As more people work from home, we’ve seen more webcams being deployed. It is worth opting for a camera with a lens cover, or if a camera is not supplied with one add it retrospectively (they can be obtained easily and cheaply online). Most webcams have an activity light but it’s possible for malware to disable that. The internet will show you thousands of live feeds from hacked security cameras and you don’t want any voyeuristic crime in a home office.

Remote work

Insurance implications

One last thought, if you are asking staff to work from home who don’t normally do so, you might not have thought about insurance implications. It’s also important that you ensure that staff still comply with health and safety regulations.

Home working environment

Good advice to staff working from home is to make sure you create a suitable environment that protects you from postural risks, in the same way as you would at work. Make sure you sit at table of a suitable height, using a chair that enables you to comfortably use your keyboard and mouse, and allows you to rest your feet on the floor.

If staff need to take a monitor/keyboard home to work for long periods, employers should facilitate this. Business owners should ensure that managers are talking to their direct reports to ensure that they can work safely and securely. Find out more about creating a suitable working environment at home.

At a time when business leaders are forced to contend with all sorts of unforeseen complications, because of coronavirus, cybersecurity concerns might not be at the forefront. The truth is, cybersecurity in COVID times is a whole new ball game, and we all need to learn as time goes on. To maintain your understanding, take a look through our range of coronavirus and cybersecurity resources.

Receive our FREE bespoke IT health assessment

Start
Registration No. 26980136
Terms and Conditions | Privacy Notice
GBH Law
GBH Law
11:29 22 May 20
Changing IT support providers, like changing lawyers, is not a decision any business takes lightly or frequently. The decision is fraught with numerous questions such as whether the new team will understand my business needs, will it cause teething problems, and more importantly, will the reality match the sales pitch! We took that decision to move to Ramsac in January after ten years with another provider and we have not regretted that choice for a moment. Ramsac are simply great! From the get go we have been very well supported from the front line very helpful telephone support team right up to our relationship manager. We feel that the Ramsac team are very much an integral part of us . What however has driven us to write this review is the fabulous support we have received following a cyber attack this week. Something no business wants to happen but is increasingly a sad factor of modern cyber life. The Ramsac cyber support team were superb and really gave us first class support and guidance through what was frankly a horrible experience. Thank you Dan! Denise Herrington
The HR Services Partnership
The HR Services Partnership
17:59 16 Jan 20
We have worked with Ramsac since 2015. They offer a truly winning formula. We have been delighted by their support at all three levels: our network consultant (Colin) understands our set up and is great when we need to upgrade our infrastructure; we have ready access to our account manager who has been great with supporting our growth; and the helpdesk is always so patient for the day-to-day glitches. Very professional and supportive – thank you team ramsac!
Zoe Brooks
Zoe Brooks
13:02 16 Jan 20
Sam on the support desk is extremely knowledgeable and helpful. Every time I have rung with an issue and she has helped the problem has always been rectified smoothly and quickly!
Sarah-Jane Calloway
Sarah-Jane Calloway
16:02 06 Jan 20
Ed spent two days with us following an office reshuffle. He worked to a very high standard and was very helpful, courteous and happy to sort out anything we asked of him!
Luke Hoey
Luke Hoey
14:20 07 Nov 19
Always very helpful and will work hard to resolve any issues you have.
Richard Renson
Richard Renson
16:54 10 Dec 18
Great, helpful IT Kings and Queens
Andrew Worth
Andrew Worth
12:37 30 Aug 18
fine bunch
Colin Warner
Colin Warner
08:46 06 Dec 17
Excellent managed service provider.
Selom B
Selom B
11:58 10 Dec 16
First Class!! Responsive, knowledgeable, professional and very easy to work with - Ramsac have been a fantastic strategic IT partner for the last few years and I'm sure will continue to be for many years going forward. I would highly recommend them!
Ian Windle - Inspiring Leadership
Ian Windle - Inspiring Leadership
08:53 04 Jul 16
Great IT business, with a powerful management team. Could not recommend them more highly.
Patrick O'Luanaigh
Patrick O'Luanaigh
10:55 01 Jul 16
A truly fantastic IT support company - I can't speak highly enough about them.
Sarah Whitemore
Sarah Whitemore
11:59 20 Jun 16
I have known Dan May and Ramsac for 5 or 6 years now. Dan is such a great guy and really helpful with strategic advice and input on all things IT. He's so approachable and doesn't baffle you with IT jargon. If you are looking to outsource your IT or you have a problem you need help with Dan is definitely the one to ask.
Jonathan Richards
Jonathan Richards
12:14 31 May 16
I've worked with Ramsac for many years and whole heartedly recommend their services. They are always professional, approachable and have the rare skill of making IT understandable. Their can do attitude leaves you feeling that you are in safe hands.
See All Reviews
© 2021 ramsac. All rights reserved.