The country-wide lockdown has had a huge impact on businesses across the UK, offices have closed, manufacturing has stopped and the hospitality and tourism industries have ground to a halt. For those companies who were lucky enough to be able to continue operating remotely, they had to quickly set up systems that enabled staff to carry on working from home. This raised some cybersecurity issues early on, forcing businesses to act fast to reduce the risk of a data breach during lockdown.
But despite things still being very uncertain, the government has suggested that if everything goes according to plan businesses could start to open back up in the coming months. This is good news for those who are desperate to get back up and running, but there’s one major problem, they could be opening the door to a cybersecurity nightmare.
As the country prepares to come out of lockdown slowly, cybercriminals are ready and waiting to take advantage of any areas of weakness in a business’ security systems. So the questions is, how can you update your cybersecurity after lockdown? Below, we’ll take a look at four ways you can protect your business from cybercrime.
- Have a digital cleanup of work devices
The rush to set up a remote workforce meant that many people were having to use personal devices or take work devices home with them in order to continue doing their job. This in itself became a big security issue for businesses, with many devices lacking effective security systems or connections, and crossover between personal and work computers increasing the risk of a data breach.
This means that when staff return to work, they will be bringing these same devices back into the office with them. These devices may already be infected with malware or have become compromised in some way during lockdown. Others may not be running the latest security features or patches and therefore leave the device open to hackers. If these devices are used for work or plugged directly into other company devices or networks, they could cause these to become compromised or offer hackers a backdoor into company systems.
Therefore, it is vital that your organisation practises good digital hygiene as everyone begins to return to work. The best way to do this is to ensure that every device has been scanned and is free of malware or any harmful material before being connected to the main network. These devices should also be updated to ensure they’re running all the latest security systems.
- Run a security gap analysis
As your workplace begins to return to some sort of normal (social distancing in the break room notwithstanding) it’s a good idea to run a security gap analysis. This will help to highlight any areas of your cybersecurity systems that might be left vulnerable after weeks of closure and remote working. This gives you the opportunity to update all your systems and policies and ensure you’ve got the most effective security strategy in place post-lockdown.
If you’re not feeling confident enough to run the gap analysis yourself, that’s OK. You could always hire a professional security service provider to come to the office and do this for you. This way you can ensure you’re doing everything you can to fend of a security breach.
- Update your staff on cybersecurity best practises
Whether your staff have been furloughed or working from home, life has been very different for people across the nation and we’re still going through a period of adjustment. As such, people may have forgotten or need a refresher course on cybersecurity best practises. Fort his reason it’s a good idea to run some updated training sessions and make sure you’ve got literature in place that employees can access at any time they need a reminder about cybersecurity.
In particular, there have been a lot of phishing emails and scams circulating in relation to Covid-19. You may have already alerted staff to these new scams, but just because people are returning to work, it doesn’t mean these cybercriminals have put their tricks to rest. Employees need to continue to be vigilant and stay aware of any suspicious emails or communications they receive, particularly those in relation to the virus.
- Do not undo all your hard work
In the early stages of lockdown, you probably worked hard to ensure that staff had the VPNs, platforms and devices they needed to keep working and to keep your security as tight as possible. So it would be silly to undo all your hard work. If staff have been using two-factor authentication and strong passwords to better protect devices, encourage them to continue practising these important security measures.
What’s more, not everyone will be returning to the office at the same time and you might find that you’re also offering remote working more and more now that the business is able to cope with it. So it would be remise to throw out all the work that you did getting remote systems in place. Not to mention that as Covid-19 continues to spread, some staff may find themselves having to isolate and quickly needing to be able to pick up and work from home again. For this reason, it’s a good idea to keep your remote systems in place for a while because you never know what will happen in the near future.
It’s time to find the new normal
As businesses begin to re-open and people start returning to work, this is going to be an adjustment period for everyone. It’ll take a while to get used to new rules and not being able to get too close to your colleagues and you don’t want security breaches to be another issue facing your recovering business.
To combat this, it’s best to get ahead of the game. As people return, make sure all devices are being given a digital cleanup and that you revisit all security systems and training to ensure everyone is clued up and security risks are at a minimum.