The time has come for some of us to start returning to the office, and we think it’s about time to stop living in our joggers and start wearing real clothes again. Whilst most businesses will have put appropriate measures in place to keep the workplace clean and employees safe, are the same precautions being taken to keep your computers and IT systems safe?
A YouGov survey showed that 1 in 5 people went from never working from home to doing so in the past year. With lockdown restrictions easing, we are starting to see an influx of employees returning to the office, which creates the possibility of cyberattacks and data breaches. A study by IBM found that 95% of cybersecurity breaches are caused by employee error. This includes lost or stolen devices and accidentally downloading malicious software.
Cyberattacks and data breaches are detrimental to all businesses; however, small businesses, which are less likely to be prepared for this threat, can suffer devastating consequences. A Symantec Internet Security Threat Report revealed that 60% of targeted attacks were aimed at SMEs. FSB report that the annual cost of such attacks has been estimated at £4.5 billion within the UK, and IBM has reported that small organisations (ones with 500 or fewer employees) can spend up to an average of $7.68 million per incident.
There are several preventative steps businesses can take to help keep company data secure and improve overall IT security. We have produced a user-friendly checklist on what to look out for and key steps to help you protect your IT system when employees return to the office.
- Provide training and guidance to all employees
- Perform health checks and sanitise all devices
- Monitor and report suspicious activity
- Identity and Access Management
- Seek support
Provide training and guidance to all employees
First and foremost, as stated above, most data breaches are caused by employee error, and therefore ensuring your employees have the appropriate training and guidance will help significantly reduce the risk of cyberattacks and data breaches in your business.
Ideally, all employees will have received proper cybersecurity training before they started working from home; however, poor cybersecurity habits may have formed since, putting your business at risk. Careless habits such as using personal devices to access company data, or using company devices to access personal data and non-company websites, are all ways employees can regularly expose the company to potential cyberattacks.
Before all employees return to the office, ensure that appropriate training, guidance, and rules have been offered to all employees. Make clear how official communications will be received to avoid potential phishing email threats.
Perform health checks and sanitise devices
Before allowing employees to reconnect to the main company network, assess the health of all devices and screen them for threats. We recommend conducting a vulnerability assessment, which includes checking that all applications, software and antivirus are up to date and that strong, regularly updated passwords have been set.
A survey of UK workers by an IAM specialist found that 58% admitted to being more likely to try to bypass a company’s security measures when working from home. This shows how imperative it is for companies to check all devices for unapproved software and perform health checks.
In the meantime, you can instruct employees to connect their devices to a guest network or a temporary network until a full health check has been carried out on each device. Personal devices should only ever be allowed to connect to a guest network and never the company network.
Controls and Monitoring for suspicious behaviour
Having controls in place to monitor and report suspicious activity is important. Ensure that those who act as admins have appropriate access, and that all employees have a means of reporting potentially suspicious activity.
Using anomalous behaviour detection tools such as SIEM or EDR will help you easily recognise and report suspicious activities. These will reveal behaviours such as misuse of VPNs, employees trying to access data that they shouldn’t be, and access changes.
Encouraging your employees to report suspicious activity can help reduce the impact of threats, especially in phishing email attacks that get sent to multiple users at the company.
Identity and Access Management
Reports suggest that the average SME with under 100 employees has at least 22 business applications. This rises significantly for mid-market companies and enterprises, which on average run from 460 to over 750 applications. This hugely increases the likelihood of compromised usernames and passwords, allowing cyber-criminals to gain access to corporate applications.
With so many applications, both SaaS-based and on-premises, there is a need to provide secure, seamless, centrally managed authentication, taking away the risk of users managing weak static passwords.
Seek Support
As a small or medium business, you may not have the resources or the knowledge to ensure that your company is fully protected and secure. Therefore, seeking help from managed IT services could be crucial to your business.
At AZTech, we have considerable experience with assisting clients to prepare for remote working, and their journeys back into the office space. Alongside this, we offer full security services to ensure your business is protected from cyber-attacks.
We currently offer a free IT Security Assessment which will analyse how secure your organisation is, discovering any vulnerabilities and areas for improvement. Or you can download the 90-step checklist and perform the assessment internally.