Cyber Security Training For Home & Mobile Working
Remote work has become a necessity for many modern organisations looking to recruit talent and create business continuity plans and while home and remote working has a number of business benefits it also exposes organisations to a range of cyber security risks that need to be managed.
Cyber crime is now the fastest growing areas of global crime and instead of a few small groups and some individuals committing the crimes, larger organised groups have grown up.
Cyber criminals have learnt from their effective attacks and are becoming more successful with their ransomware and hacking attacks. Cyber criminals are grouping together and working almost with traditional commercial practices and they are becoming more efficient.
As a consequence every organisation should consider implementing effective risk based policies and procedures to support mobile working, or remote access to systems.
- Loss or theft of the device: Mobile devices are highly vulnerable to being lost or stolen, potentially offering access to sensitive information or systems. They are often used in open view in locations that cannot offer the same level of physical security as your own premises.
- Being overlooked: Some users will have to work in public open spaces, such as on public transport, where they are vulnerable to being observed when working. This can potentially compromise sensitive information or authentication credentials.
- Loss of credentials: If user credentials (such as username, password, or token) are stored with a device used for remote working or remote access and it is lost or stolen, the attacker could use those credentials to compromise services or information stored on (or accessible from) that device.
- Tampering: An attacker may attempt to subvert the security controls on the device through the insertion of malicious software or hardware if the device is left unattended. This may allow them to monitor all user activity on the device, including authentication credentials.
Educate users and maintain awareness: All users should be trained on the use of their mobile device for the locations they will be working in. Users should be supported to look after their mobile device and operate securely by following clear procedures.
This should include direction on:
- secure storage and management of user credentials
- incident reporting
- environmental awareness of the risks of being monitored and hacked.
What has also become clear is that effective employee cyber training will reduce security costs, improve an organisations future commercial strategy, and will help to protect it against cyber-attacks, hacking, fake news and negative brand PR security.
The reasons why employees are so important for the operations security is because often cyber criminals will perform attacks on an organisation using phishing emails and similar tactics, making employees the first line of defense that needs to be strengthened.
GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees working at home or in the office in less than a month.
Combining latest insight from global experts with gamification, daily inspiration, social engagement and competition, GoCyber is both credible and fun. All content adheres to some rigorous SIPP standard - Simple, Impactful, Provocative and Personable - which ensures GoCyber is not dull! A genuinely engaging cyber security awareness programme for everyone across the business.
You Might Also Read: