When the UK entered lock down on the 23 March IT departments all around the UK suddenly had entire workforces reliant on remote working solutions. Some of the solutions were put into place just days before being put into use, this raised all manner of security concerns, not just for businesses but for individuals as well.
Now we are four weeks into the lockdown, it's time to make sure we are all still following best practice and making sure cyber criminals don't gain entry to any information or systems they shouldn't have access to.
A lot of people were forced to using home computers, some of which hadn't seen the light of day for months (or even years in some cases), the security offered via work computers is not always available or thought about on home pc's. Even work laptops being used at home might not stay up to date with updates or software patches.
So what can you do and what do we do to protect your data?
We have seen the usual barrage of 'junk' emails regarding Covid information, secret vaccines or ways to be immune from the virus, then there is the more standard type 'TV Licence' or 'tax rebate' emails where your direct debit or credit card information *needs* to be updated.
It only takes one click of a link or entering information into the website without checking it and suddenly a gateway into your life or the company you work for is open for cyber criminals to take advantage of.
Always remember the rules for all emails you receive:
- Check the sender address, is it from 'UK government' but the sender email is gmail.com?
- Never click links from within an email, go directly to the website via your web browser if possible.
- If you end up on a website what information is it asking your for? Is it necessary for them to have this information?
- Check for the padlock and the https at the start of the URL – this is the website address in the address bar of your internet browser and shows the connection is encrypted, remember this doesn't meant the site is genuine.
- Google some of the email text, it's quite common for scam watching sites to have a copy of the email body so a quick google search may give you the answer as to its legitimacy.
- Keep up to date via the internet email updates on the latest scams, such as https://www.norfolk.gov.uk/business/trading-standards/scams
If you can, make sure you keep your windows/mac updated and if you have a separate anti-virus/malware program make sure its also up to date, then run a full anti-virus scan at a time when the computer will be unused.
Lastly, over the lockdown period if you have a little extra spare time it's a good idea to do a cyber security audit of your own:
- Change your online passwords (keep them unique for each login).
- Have a look on https://haveibeenpwned.com/ and see if your email address/password has been compromised, if so get your passwords changed as soon as possible.
- Check your email spam settings and social media privacy settings.
- Clean up your phone/tablet and PC, get rid of those unused apps and old software.
- Enable two Factor authentication wherever you can.
At Clapham & Collinge we have a comprehensive cyber security policy, regular staff training and regular email reminders. We adhere fully to data protection and GDPR guidelines and all staff are using a remote working solution which means our client data stays secure and the staff working at home retain the high security standards practiced when in the office.
We hope you have found this short update useful, stay safe and stay cyber security aware.
*This article is provided for general information purposes only and does not constitute legal advice or other professional advice.
