Home working: preparing your organisation and staff
.
The NCSC offers guidance on how to ensure your organisation is prepared for an increase in home working, and advice on spotting coronavirus (COVID-19) scam emails.
The Covid-19 pandemic has resulted in an increase in organisations working from home, which in turn presents new cyber security challenges that need to be managed.
When setting up new accounts and accesses, the NCSC suggest strong passwords should be set for user accounts. Firms can refer to the NCSC guidance for system owners responsible for determining password policy. The NCSC also strongly recommend that firms implement two-factor authentication (2FA) if available.
Controlling access to corporate systems: Virtual Private Networks (VPNs) allow remote users to securely access their organisation's IT resources, such as email and file services. The NCSC offer guidance on the use of VPNs.
Helping staff to look after devices: They encourage staff to be vigilant when using devices outside the office to minimise any risk to the data held on these. For firms permitting people to use their own devices to work remotely, firms can refer to the NCSC's Bring Your Own Device (BYOD) guidance.
Removeable media: USB drives and cards can contain lots of sensitive information, are easily misplaced, and when inserted into your IT systems can introduce malware. The NSCS offer more guidance on the use of removeable media.
Spotting email scams: there has been a notable increase in Covid-19 related phishing emails. Firms can refer to the NCSC guidance on dealing with suspicious messages.
Staff might feel more exposed to cyber threats when working outside the office environment. The NCSC offer an e-learning package 'Top Tips For Staff' that an be completed online, or built into firms' own training platform.
