Ask the Expert – Home Working

There have been a lot of cyber security related questions since the necessary changes to business working practices were announced, in light of the COVID-19 lockdown.

We’ve pooled together our expert’s responses to some of the most common ones that we’ve seen and been asked. Responses are also in line with NCSC guidance.

Although this is an “ask the expert” article, we should remember that whilst it is easy to complicate subjects, the real skill is in simplifying the complex, or the unfamiliar. In the same way that an electronics expert would likely check a fuse before moving on to more complex fault-finding activities, or the incredible scientists supporting the Government through the coronavirus pandemic have simplified the science to practical measures, such as washing hands and keeping 2m apart, cyber security experts should do the same in their advice.

Serbus Secure and the home worker

Q1. What is a phishing attack?

A phishing attack is when a criminal sends you a scam email or text message that tries to get you to click on a link, or to give away sensitive information (such as bank details). Once clicked, the link may send you to a counterfeit website that downloads viruses onto your computer or steals your passwords.

The attacker often masquerades as a trusted entity in an attempt to dupe you. It’s also common that clicking on a suspect link can lead to direct installation of malware, subjecting your system to a ransomware attack.

For corporate or governmental networks, a phishing email can be the first step in a larger, more damaging attack, or in an Advanced Persistent Threat (APT). In these cases, a malicious link that is clicked can compromise an employee’s account or device, allowing the attacker to bypass the security perimeter and distribute malware across the network, often with the aim of reaching confidential data.

Q2. What should I do if I think I have fallen for a phishing email?

If you are using a work laptop or phone, or are using your own equipment for work purposes, contact your IT department and let them know. Don’t just pretend it didn’t happen or hope it will go away – believe us, it won’t!

Check (or ask your IT department to check) that your antivirus software is up to date, then run a full system scan.

Change any passwords you may have provided on the hoax website.

Q3. Should I have my work emails on my personal phone?

The simple answer is to check your company BYOD policy. If your company allows you to check your emails on your personal device, ensure you check any additional restrictions. This could include, but is not limited to, ensuring that:

  • Your device has a complex password
  • Your device locks after a specific number of failed login attempts
  • You’re not using rooted (Android) or jailbroken (iOS) devices

From a company perspective, management of these security restrictions is far more effective if managed centrally. This reduces the potential risk of human error, by taking the responsibility of device management away from the individual employees.

Our Serbus Secure suite of tools offers a centrally managed solution (either by us or your organisation). We can provide you with new devices, or work with your existing BYOD fleet. Read more about the capabilities of Serbus Secure.

Q4. How secure is my phone when I’m using it for work at home?

Devices used for working outside of an office environment are more vulnerable to loss, theft and damage. The same security measures set out above for email should be applied, and in particular you should lock your screen whenever the device is going to be left unattended or when children or housemates are present. When your device is not being used, it should be stored somewhere safe.

If your device is lost or stolen, report it immediately. Important credentials, such as email passwords, can then be reset to prevent potential access.

It is also really important to keep the software on your device up to date: updates often include critical patches for security holes, improve the stability of the device software, and remove redundant or outdated features. Not only will this mitigate potential breaches, it will also make the device better to use. This is not something you need to worry about every moment of the day; ask your IT department to check that auto-updates are turned on for your devices and it will manage itself.

Q5. How secure am I using conferencing apps like Zoom, BlueJeans and Skype, while I’m working remotely from home?

The use of conferencing has received a lot of negative press with regards to breaches, for example the rise in Zoom-bombing incidents. There are simple measures that you can implement to significantly increase the security of conferencing tools – all can be checked within your default settings:

  • Avoid reusing conference room IDs
  • Delete a conference room after use
  • Ensure invites include the requirement to enter a passcode
  • Always require a host or moderator to control the conference

If your tool of choice allows, you may want to consider:

  • Users from your organisation (and guests who were specifically invited to the meeting) are allowed straight into a meeting
  • Unauthenticated users should be required to enter a passcode
  • Unauthenticated users should be held in a waiting area (often referred to as ‘the lobby’), and only be admitted into the meeting once their identity has been verified by a trusted participant

Other features to control are whether you need to allow:

  • File sharing
  • Screen sharing
  • Instant messenger chat
  • Automatic call transcript generation
  • Remote control of another participant’s device
  • Session recording

When it comes to sharing files or screen sharing on a conference call, it’s key to be particularly cautious, especially about the information and data being shared. Find out why here: https://serbusgroup.com/comms-posts/screen-share-how-secure-is-it/

Have you got any questions you’d like to ask our experts? If so, we’d be happy to have a chat. Just contact us at [email protected], or give us a call on +44 (0)1432 870 879.
