The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Working Securely Online – Cyber Hygiene

Working Secure Online – Cyber Hygiene
09 September 2020 | Updated 15 October 2020
 

With more people working on the internet outside of monitored business networks, the risks of compromising company and personal data are increased.

Concentration is currently on hygiene in the workplace, and this should extend to cyber security. Keeping a clean connection is vital to ensure there are no weak links in the organisation's chain.

 

The Dangers of Internet Attacks
 

According to a recent study by the cybersecurity firm Promon, 77 per cent of remote employees in the UK don’t have any security concerns about working from home. Above all this shows that people are unaware of the risks, and many choose to share information between personal and business accounts without consideration.

There has been a significant leap in the number of web attacks during the pandemic, as criminals attempt to use it as another opportunity to capitalise on anxiety. Phishing, where hackers pose as legitimate services in order to get private information, is not the only way that people can be victimised. Vulnerable browsers can put saved passwords at risk, and downloads can bring ransomware and malware to your computer. Malwarebytes, a popular antivirus program, identified a site disguised as a Johns Hopkins University COVID-19 map, that didn’t require any input other than a click to infect computers.

 

Image

Picture: A photograph showing some code

ISS’ new CEO recently congratulated his employees for their handling when their sites were taken down back in February– they were not alone that month, with INA group in Croatia and a natural gas compression facility in the US joining the long list of companies that face extensive repair costs every year due to online breaches.

 

Points for Protection

 

Facilities managers can make sure that employees have training in order for there to be higher rates of avoiding incidents. The human element is the most independable, so a basic level of understanding goes a long way. Within the office environment, there may be an IT expert on hand, but offering that aid remotely becomes a less immediate line of defence. There is a framework published by The National Institute of Standards and Technology which helps to build an appropriate security awareness course.

Updating applications and keeping a good antivirus program may seem like obvious points, but for those that mostly used workplace maintained computers before lockdown, it may have been taken for granted. Important patches and data for new viruses are best received this way. Wariness of non-verified third-party apps and downloads is important and can prevent getting to this stage, but that’s no reason not to be prepared with these fail-safes.

Using different machines, different accounts, and different passwords for work and leisure will help to ensure privacy of sensitive information. As a business, you can choose hosts that utilise Multi-Factor Authentication and even Virtual Private Networks (VPNs) to protect from non-secure WIFI or websites. Such authentication usually requires several simple steps for access, like personal questions or codes sent to other accounts, hoping to catch out frauds with only one piece of the puzzle. VPNs hide the IP address when connecting to the internet, making it more difficult for hackers to target the system.

Shared devices are not as ideal as they present the possibility of identity fraud. Even though you may greatly trust those that you live or work with, it wouldn’t be sensible to subject the company’s sensitive data to judgement of character, and accidents happen. Simple precautions, as with current coronavirus regulations, are our best measures against invisible threats.

Picture: A graphic showing a map of the world with a laptop and a lock on the screen.

Article written by Bailey Sparkes | Published 09 September 2020

Share



Related Articles

Interserve Fined £4.4m for Failure to Keep Staff Details Secure

The UK’s IT security watchdog has fined Interserve for breaching data protection law and failing to prevent a cyber attack. The Information Commissioner’s...

 Read Full Article
NHS IT Services Supplier Victim of Ransomware Attack

It has been confirmed that a ransomware attack is causing a major outage for NHS IT systems. Services affected include software used by NHS 111 and other patient notes...

 Read Full Article
Smart Buildings at Increased Risk of Cyber Attacks, Says Verdantix

The operational technology that powers connected devices across building systems is providing more entry points for cyber criminals to exploit, says research and advisory...

 Read Full Article
Cybersecurity – Are Smart Buildings and its Data Vulnerable to Malware Attacks?

As more and more of a building’s functions are automated and controlled via smart technology systems, has cybersecurity been an afterthought? In 2020, Boris...

 Read Full Article
More Global FM Firms Hit By Cyber Attacks

EMCOR Group and Bouyges are the latest FM companies targeted by malicious software attacks.  The website of EMCOR Group, the global providers of facility...

 Read Full Article
Who Is The Weakest Link?

According to Sophos, 70% of internet users have the same password for almost all the web services they use - and there are groups of businesses and individuals who are...

 Read Full Article
How to Identify and Address IoT Security Weaknesses

Data-driven facilities management is now the expected norm, but security concerns about IoT systems still remain amongst FMs and tenants. The Internet of Things (IoT)...

 Read Full Article
BESA Tightens Security After Fraud Incident

The Building Engineering Services Association (BESA) says it has carried out a thorough review of the security procedures behind its online training schemes...

 Read Full Article
COVID-19 Working From Home Guidance – What’s the Latest?

Employees in England are no longer being asked to work from home, as the government removes Plan B rules. But is this change as simple as encouraging a mass return to the...

 Read Full Article
Critical Log4j Vulnerabilities Affect Real Estate Software

Critical vulnerabilities in open-source software pose potential risks for a wide range of businesses, governments and individuals. Log4shell, the vulnerability...

 Read Full Article