logo-loader
viewCrossword Cybersecurity PLC

Crossword Cybersecurity guide to working securely from home

It is based on the advice Crossword is providing FTSE 100-listed clients

Crossword Cybersecurity PLC -

Crossword Cybersecurity PLC (LON:CCS) has issued a helpful step-by-step guide that will help mitigate the security risks for companies whose employees are working from home during the COVID-19 lockdown.

It is based on the advice it is providing FTSE-100-listed clients. Here, as a service to Proactive’s readers, are the main points:

1.  Run audio and video calls securely - What is visible in the background of your screen during video calls and is someone monitoring who is on the call?  The same is true for audio-only calls.  A team member should be responsible for ensuring only invited guests are present, and calls should be locked once started, so other participants cannot join.

2.  Educate employees on Phishing attacks - The NCSC mentions COVID-19 related Phishing attacks that use the current crisis to trick employees into clicking on fake links, downloading malware, and revealing passwords - so educate them.  These could be fake HR notifications or corporate communications; fake tax credits; fake emails from mortgage providers; free meals and mechanisms for registering for them.  The list is endless and cybercriminals are very news savvy and quick to adapt.  Employees are likely to be more vulnerable to phishing attacks due to people rushing, fear, panic, and urgency; all the behavioural traits that result in successful phishing attacks.

3.  Automate Virtual Personal Network configurations (VPNs) - IT and Security teams may have a backlog of users to set up on VPNs, to provide secure connections to corporate networks.  Do not allow employees to send data insecurely, use automation to make accelerated deployments and guarantee correct configuration.  Even IT staff are fallible, and the combination of pressure of work volume and working fast, may leave a gaping hole in your infrastructure.

4.  Control the use of personal devices for corporate work - Due to the rapid increase in home workers, many employees may be using their own devices to access emails and data, which may not be covered by Bring Your Own Device (BYOD) policies.  What this means in practicality, is that employee's personal devices may not be securely configured, nor managed properly and be more vulnerable.  IT and Security teams again, may need to retrospectively ensure that employees are complying with BYOD policies, have appropriate endpoint security software installed etc.

5.  Stop personal email and unauthorised cloud storage use - When companies are experiencing IT difficulties in setting up employees working from home, people may be tempted to use personal emails or their personal cloud to send and store data, as a workaround.  These are a risk and can be easy for cybercriminals to target to gain company information or distribute malware, as they are not protected by the corporate security infrastructure.

6.  Keep collaboration tools up to date - Tools such as Microsoft Teams, Zoom and Google Hangouts are great, but it is important to ensure all call participants are using the latest versions of the software, and that includes partners and customers that may be on calls.  Employees should also only use the corporate-approved tools and versions as they will have been tested by security teams for vulnerabilities, that could be exploited by cybercriminals.

Quick facts: Crossword Cybersecurity PLC

Price: 345 GBX

AIM:CCS
Market: AIM
Market Cap: £16.2 m
Follow

NO INVESTMENT ADVICE

The Company is a publisher. You understand and agree that no content published on the Site constitutes a recommendation that any particular security, portfolio of securities, transaction, or investment strategy is...

In exchange for publishing services rendered by the Company on behalf of Crossword Cybersecurity PLC named herein, including the promotion by the Company of Crossword Cybersecurity PLC in any Content on the Site, the...

FOR OUR FULL DISCLAIMER CLICK HERE

Watch

Crossword Cybersecurity's Stuart Jubb discusses significant new consulting...

Stuart Jubb heads up the consulting division at Crossword Cybersecurity PLC (LON:CCS) and spoke to Proactive London's Andrew Scott about several big new agreements they've just signed. They include three with companies in the legal, insurance and financial services sectors, to...

2 weeks, 5 days ago

3 min read