When the Covid-19 pandemic caused offices and schools to close around the world, remote working became commonplace almost overnight. For many, it was a case of just making do. Dining tables were converted to work desks, Zoom calls replaced morning meetings, and process workarounds were found, until things went back to normal. Privacy wasn’t top of the priority list.
But that’s made the last year productive for cyber criminals. The Information Commissioner’s Office says online fraud rose by 70% over the past 12 months. And even as the nation eyes a mass return to the office, many employees will continue to work remotely at least once a week. Here’s how to stay safe while working from home.
1.Keep work data on work devices
Avoid the temptation to view sensitive work data on your personal device. There is a good chance you don’t follow the same security protocols as are mandatory at work. Make sure you run software and operating system updates as soon as they become available to keep everything secure. The Petya and WannaCry ransomware attacks of 2017 were largely possible because people and companies were running outdated software.
2.Save files to the cloud
Always use a centralised storage solution or cloud-based app, such as Office 365, rather than saving files locally. This will provide protection in case you ever damage or lose your device. It’s also a good idea to enable the ‘remote wipe’ function on your work laptop, tablet or phone, just in case it’s ever stolen. Resist the temptation to use unapproved tools or store data outside of company resources.
3.Be wary of using print outs
More people recognise the benefits of going paperless but an alarming number of industries still rely on reams of paper to conduct their business. Offices usually have confidential waste bins, but you’re unlikely to have this at home. It’s a good idea to lock sensitive print outs away at the end of the day, invest in a shredder or safely store records until you can take them into the office. Whatever you do, don’t leave them at a bus stop in Kent.
4.Practice good password hygiene
Use a password manager if you can, or follow the advice from experts at the National Cyber Security Centre (NCSC) who say it’s better to concoct passwords that are made up of three random words, as opposed to a complex variation of letters, numbers and symbols. They’re longer and harder to predict. Enabling two-factor authentication on your devices is recommended. You’ll be sent a code via text or email before access is provided.
5.Only use secure Wi-Fi
Now libraries and cafes have reopened it can be tempting to work away from home for a change of scenery. But always avoid using public Wi-Fi, which others can use to hack into your computer. It’s a better idea to use a personal hotspot from your phone or other device instead. At home, make sure your router is password protected too.
6.Or use a VPN
Virtual private networks (VPNs) are digital tools that allow users to browse the internet safely and privately. It adds an extra layer of security to any work you’re doing online, away from the firewall of the office, by hiding your IP address and location, and automatically encrypting data transfers. According to experts, the number of companies around the world using a VPN shot up to a high of 27% in 2020, and 51% of users in the US and UK said they were looking for better privacy on public Wi-Fi networks.
7.Beware video calls
At the start of lockdown, there was a flurry of headlines around Zoom’s safety and privacy issues, including uninvited guests joining private calls (known as ‘Zoombombing’). While the company made improvements, it was a good reminder to ensure meetings are kept private, either by requiring a password or controlling guest access from a waiting room. Be wary about other tabs or information that may be visible when sharing your screen, and consider blurring your background to prevent others on the call from seeing sensitive objects in your home.
8.Pay attention to your location
Can anyone overhear your conference call, or look over your shoulder while you’re typing? Make sure you don’t leave your computer unlocked and unattended in public or at home, and always have sensitive conversations behind closed doors, even if you’re wearing headphones. If you can’t find a private place to work, consider requesting a privacy filter shield from work. This makes it difficult for your screen to be read unless you’re sitting right in front of it.
9.Brush up on your privacy training
Good privacy compliance is like a finely tuned car (or bike) – it needs regular maintenance to run in top condition. Regular privacy training helps everyone stay up to date and serves as a reminder for what to do when targeted by something like an email phishing scam, for example. Our Privacy Guy series is a great place to start.
10.Always report incidents
If the worst happens, always report any privacy issues to IT and your company’s designated Data Protection Officer (if you have one) straight away. Businesses should have a contingency plan for data breaches, which will include notifying the ICO, and investigating the incident to prevent it from happening again in the future.
Build a culture of continuous privacy compliance
At the Privacy Compliance Hub, we make compliance easy for everyone to understand, care about and commit to. We call it a culture of continuous privacy compliance. Our platform, created by two ex-Google lawyers, provides a structured programme to follow, giving you confidence you’re keeping your customers, investors and the regulators happy. Discover how it works here.