2. Personal vigilance to cyberthreats<\/h2>\n
While strengthening your software will help to detect and destroy any threats to your system, one of the most important elements of the process is to prevent potential attacks from taking place. The best way to do this is to remain vigilant to threats and to empower your employees or colleagues to be able to recognize and manage them.<\/p>\n
Use work computers<\/h3>\n
Where possible, it\u2019s advisable to use work computers that have been vetted and already have security systems and software installed. It\u2019s always preferable to use a machine for work that isn\u2019t also used for personal reasons. If this isn\u2019t possible, however, there are many processes that you can employ on your personal computer to ensure that your own and your company\u2019s data is safe.<\/p>\n
Be aware of phishing emails<\/h3>\n
The most common attack vector has historically been phishing emails, and this will only increase during the global pandemic, as remote workers are more vulnerable. Make sure to educate yourself and your team on phishing, and how you can detect suspicious emails. You can typically spot them through bad grammar and spelling in the body of the email, subject line, as well as the email address itself.<\/p>\n
Keep up to date on recent scams<\/h3>\n
Ensure that you\u2019re aware of scams that are currently circulating, and communicate this to colleagues. Never share personal information with an untrusted source, or from an unsolicited call or email. If you\u2019re unsure, it\u2019s always worth verifying with the sender of the email, or the source of the call before responding to messages.<\/p>\n
Use a password manager and two-factor authentication<\/h3>\n
It perhaps goes without saying that strong passwords are critical for preventing account hacks. Have a unique password for each account, and ensure that you use upper and lowercase letters as well as numbers and special characters. Using a password manager not only prevents you from storing passwords on your device, and makes it easier to remember all of these passwords, but they can also generate these secure passwords for you.<\/p>\n
Where you can, using multi-factor authentication on your accounts also offers additional protection, with a second stage of password input from another device. It\u2019s a form of verification of users’ identity before granting access to a site. This could be a fingerprint or facial scans on phones, an email or text verification, or a code on an app.<\/p>\n
Do you work for a small business? Take a look at our advice on best practice for data security in SMEs<\/a>.<\/em><\/p>\n As an employee, you should feel empowered by your company to combat cyber threats. Discussions should be made to ensure that you have a secure company policy in place so that you know exactly what systems you should have in place, and what to do if an attack occurs.<\/p>\n You should feel well trained and in the best position possible to protect your data. If it isn\u2019t already in place, discuss implementing a rigorous training process on the importance of cybersecurity and how best to implement that at home. If you already have training in place, this should be updated and employees should be kept in the loop of any changes or threats. You and your colleagues should also know how to store data securely, and how to report incidents should they occur.<\/p>\n For employees to best understand how to protect themselves from cyber threats, they need a clear and comprehensive remote working policy to follow. This should include what can be accessed and stored on private devices, as well as a process if systems are breached. If your company has this in place, ensure that it covers everything that you feel you need to be best protected, and follow these guidelines to ensure that you remain compliant with company procedures at all times.<\/p>\n If your company is not currently ISO 27001<\/a> certified, this is certainly a point to discuss with management. The ISO 27001\u2019s Information Security Management System (ISMS)<\/a> provides a thorough approach to ensuring that your company\u2019s information is safe and secure. It helps your business coordinate consistent security policies across your IT processes and systems, as well as employees within the whole company.<\/p>\n With the above guidelines, you should be better prepared to prevent security threats to your company\u2019s data.<\/p>\n To ensure that you are in the strongest position possible to combat internet fraud, PC or laptop theft, and overseeing transactions, get in touch with a member of the IMSM team to discuss obtaining your ISO 27001<\/a> certification.<\/p>\n <\/p>\n3. Follow company guidelines on remote working<\/h2>\n
Adequate training<\/h3>\n
Remote working policy<\/h3>\n
Become ISO 27001 certified<\/h3>\n
![\"Information](\"https:\/\/no-cache.hubspot.com\/cta\/default\/3038466\/13d60104-ef1b-4a92-81fc-433f310be80c.png\")
<\/a><\/span>