New guidance campaign launched to help businesses safely work remotely

Today, (Tuesday 21st June) have launched a campaign titled ‘Remote Working is every day working for some people. The campaign which aims to provide businesses of all sizes and from all sectors with simple guidance on how they can work remotely in a safe and secure manner.

Remote working is any work that’s done outside of a physical office, this is also referred to as telecommuting or working from home. Prior to the pandemic, flexible or remote working for the majority was something that occurred when a usual work base was unavailable. However, there are many professions where remote working is everyday working, for example marketing and communications freelancers, project consultants and even those in administrative functions for construction and home improvement businesses.


Remote working does come with increased cyber security risks, and this is often due to insufficient knowledge on basic cyber safety and poor cyber hygiene habits. If you work for an organisation, you are typically given cyber security training when you first join and then ideally on an annual basis. However, for those who are self employed and working as freelancers or consultants this is not the case, and they are responsible for their own training and knowledge.

What are the main cyber security risks with remote working?

With the continued rise of the number of freelancers, cybercriminals are beginning to shift their focus away from other targets and onto micro businesses like self-employed freelancers. Freelancers tend to communicate a lot with people they don’t know personally, for example prospective new clients and will regularly open new files in emails and share personal information in their inboxes such as invoices and PayPal details.


As many freelancers also work on laptops on less secure networks – whether that’s at home or at a coffee shop – it makes them a perfect target for cybercriminals. Other risks include:

  • Using unsupported devices and weak security

  • The loss or theft of sensitive information (bank details, client details, login information

  • The use of public wi-fi

  • Being caught out by using duplicate and malicious hotspots

  • Using unsecured devices

  • Having confidential and private conversations in public places

  • The hybrid working switch risk

So, how can individuals protect themselves when working remotely?

Whilst remote working does present a number of cyber security risks, there are steps that businesses of any size can take to help mitigate against these risks. One key way to ensure you are working securely is to implement a cyber security policy. By having a policy, you set the standards of behaviour for digital activities such as the encryption of sensitive data and the access permissions for systems.


According to the recently published Cyber Security Breaches Survey 2022 from the Department for Media, Culture and Sport there has been a 9% decrease in the number of businesses who have cyber security policies that cover remote or mobile working, whilst the number of charities covering it increased by 10%.


The report also revealed only 32% of businesses and 26% of charities are using a virtual private network (VPN) for employees that are connection remotely.


Even though there are many ways a cybercriminal could take advantage of your remote working environment, there are many ways you can protect your workspace and mitigate your cyber risk.


These include:

· Using anti-virus software and firewalls

· Backing up files and devices

· Using strong, unique passwords and password managers

· Completing cyber awareness training

· Obtaining and achieving cyber essentials


This campaign has been launched in collaboration with the North West Cyber Resilience Centre and Mitigate Cyber. Read more about the 'Remote Working is Everyday working' campaign on our website.

 

Take steps today to become more cyber resilient

Businesses in the South East can sign up for a free Core Membership online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats, designed to help you stay safer.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.