Today Tuesday 21st June, we have launched a campaign titled ‘Remote Working is every day working for some people.' The campaign aims to provide businesses of all sizes and sectors with simple guidance on working remotely safely and securely.
Remote work is any work done outside of a physical office, also called telecommuting or working from home. Before the pandemic, flexible or remote working for the majority was something that occurred when a usual work base was unavailable. However, there are many professions where remote working is everyday working, for example, marketing and communications freelancers, project consultants and even those in administrative functions for construction and home improvement businesses.
Remote working comes with increased cyber security risks, often due to insufficient knowledge of basic cyber safety and poor cyber hygiene habits. If you work for an organisation, you are typically given cybersecurity training when you first join, ideally annually. However, this is not the case for those who are self-employed and working as freelancers or consultants, and they are responsible for their own training and knowledge.
What are the main cyber security risks with remote working?
With the continued rise of freelancers, cybercriminals are shifting their focus away from other targets and onto micro-businesses like self-employed freelancers. Freelancers tend to communicate with people they don’t know personally, for example, prospective new clients. They will regularly open new files in emails and share personal information in their inboxes, such as invoices and PayPal details.
Many freelancers also work on laptops on less secure networks – whether at home or at a coffee shop – making them a perfect target for cybercriminals.
Other risks include:
Having unsupported devices with weak security
The loss or theft of sensitive information (bank details, client details, login information)
Using public Wi-Fi - this is not always secure
Being caught out by using duplicate or malicious 4G hotspots
Having unsecured devices with out-of-date software/applications
Workers sharing confidential information and having private conversations in public places
Workers using ChatGPT and other AI chatbots in an attempt to improve efficiency without being aware of the risks involved with AI chatbots
So, how can individuals protect themselves when working remotely?
Whilst remote working does present several cyber security risks, there are steps that businesses of any size can take to help mitigate these risks. Implementing a cyber security policy is one key way to ensure you work securely. Having a policy sets the standards of behaviour for digital activities, such as the encryption of sensitive data and access permissions for systems.
According to the recently published Cyber Security Breaches Survey 2023 from the Department for Media, Culture and Sport, showed that 64% of businesses have a cyber security policy which covers remote or mobile working
The report also revealed only 31% of businesses and 22% of charities are using a virtual private network (VPN) for employees that are connected remotely.
Even though there are many ways a cybercriminal could take advantage of your remote working environment, there are many ways you can protect your workspace and mitigate your cyber risk.
These include:
Make sure you have anti-virus software and an up-to-date firewall
Remember to back up your files and devices
Use strong, unique passwords and consider a password manager
Ensure your company has given you security awareness training
Obtain and achieve cyber essentials
This campaign has been launched in collaboration with the South East Cyber Resilience Centre and our Cyber Essentials Partner, Mitigate Cyber. Read more about the 'Remote Working is Everyday Working' campaign on our website.
