The past few weeks have been tumultuous as the majority of us have scampered and scrabbled to get organised for, and come to terms with, the reality of the COVID-19 lockdown. While all our attention has been on the pesky virus, we’ve taken our eyes off another threat, one that can have equally devastating outcomes—breaches in our online security.
This is understandable. Many of us are now working from home and the well-equipped office set-up has had to make way for an improvised workspace. While some organisations have allowed staff to take their computer equipment home with them, that has not always been the case. Often the systems and devices we enjoy at work have had to be replaced by mobile devices at home. Furthermore, home devices are often shared, whereas the work environment usually provides dedicated personal devices.
Plus, there are all the additional distractions working from home can bring, like children and household chores, and it’s in just such times we are most vulnerable.
The following are a number of areas where people could be laying themselves open to harm, and areas they should be extra-vigilant when it comes to IT security.
Computer equipment might have been provided by your organisation to take home for this period. In that case, a back-up IT service would probably have been provided as well. Make sure you know how to get hold of them. If that’s not the case, make certain you have an IT expert on standby you can call in a crisis.
While we struggle to set up new systems on our computers that will enable us to work remotely, we are not all experts with such systems and most of us just want them to work without necessarily understanding them. Good enough is good enough—or so we think. Often, by not installing such systems properly, we leave significant gaps in our cybersecurity. Take time to ensure your systems and applications are properly installed. Seek the help of your IT expert if necessary, and don’t simply rely on someone in the household you assume ‘will know about these things’.
You should have your own dedicated space, if not a whole study, for working in your home. All too easily, when some household issue demands our attention, we can leave our computer open on a critical or confidential piece of work. Anyone can then access that confidential information or decide to use your open computer and possibly wreak havoc on settings, files, and your security. Make sure you keep your computer locked when not using it, and do not leave confidential documents lying about.
If you must share a computer, make certain your individual folders are encrypted and password protected so they can’t be damaged by other users. Better still, save your work on an external encrypted USB drive that is password protected and never share passwords with anyone.
Many of us are turning to the sorts of online shopping, delivery and services we hadn’t used much before. These services often require us to install special apps—and we do this because we are eager for the service, without considering the possibility of something we download introducing some malware into our system. Check the authenticity of such offers before installing such apps.
Lastly, there are numerous messages coming from our banks, our service providers, our utility companies, our clubs and organisations, all of which assure us they’re looking after us. Frequently, these organisations are represented by their subcontractors, and this is where problems can occur. Although we don’t necessarily recognise the subcontractor, we nevertheless trust them because we’re assured they are working on behalf of the parent organisation. We might provide them with all sorts of confidential information. Once again, check the authenticity of such messages and never give away your passwords.
In addition, with many of us feeling the financial pinch, there will be constant checking of our financial systems—checking payments made by debit order or that they have been put on hold; checking repayments made on travel and events booked but which have been cancelled. Be cautious about giving away confidential details and never share any passwords when making such enquiries.
The overriding message—as for COVID-19—is to be safe and stay healthy.