Does Home Working Make Your Business Vulnerable to Cybersecurity Threats?

Many large companies are set to continue working from home for the foreseeable future and are changing their entire working practices to allow remote and flexible working for their employees. Nationwide is the most recent household name who have announced that their 13,000 office-based staff will be permitted to work ‘anywhere’.

   

Whilst home-working has many benefits, such as a reducing costs and allowing for flexible working, there are some drawbacks to consider such as mental health concerns, lack of team-working and the increased risk of cybersecurity risks.

   

Cybersecurity Risks With Home-Working

 

Companies had to quickly adapt to avoid becoming one of the casualties of the covid-19 pandemic. Workplaces were forced to send employees to work from home with little time to prepare. This meant dishing out laptops, mobile phones, software packages and licences with little time to prepare or pause to consider the risks involved.

   

Hopefully once businesses settled into their newfound situation a review of risks would have been carried out to ensure they are protecting their valuable business data.

   

Businesses are always at risk from cybersecurity attacks and as cybercriminals only become smarter in their ways, this risk will continue to increase. Cybercriminals have wasted no time in exploiting the weaknesses and businesses are encountering threats regularly.

   

There are benefits to having all your workers and computers in the same building and connected to the same server with IT personnel to hand. It makes educating employees and responding to any risk or breaches much easier to manage.

   

Once you have several employees all working from different locations, on different devices and at different times of day, your risk is significantly increased. Some of the risks may include:

 

 

  • More information being sent via email in absence of face-to-face meetings.
  • Employees sending and receiving more emails than before.
  • Employees working at different times of day.
  • Employees using their own personal devices to work which may not have adequate security software.
  • Those working from home may let their guard down and not be as vigilant to phishing emails.
  • More difficult to monitor staff and ensure they are following safe practices.
  • Employees could be using their home bins for sensitive information which requires shredding or destroying securely.
  • Employees working from unsecure networking such as working from cafes, restaurants and public internet connections.
 

 

 

What Are The Risks?

 

Financial Risk:

A cybersecurity threat can be extremely damaging to your business. It can result in substantial financial losses if criminals are able to access your financial information, make thefts, disrupt your trading and result in you losing major contracts or customers.

   

Reputational Risk:

Many businesses rely on trust and integrity in their working relationships with customers, suppliers, and stakeholders. Cyber attacks which result in the leaking of private or sensitive information can erode trust, create poor PR and break down relationships.

   

Legal Risk:

Data Protection and Privacy laws require businesses to carefully manage the security of personal data that they hold. If this data is compromised and the business failed to comply with reasonable security measures, they could face large fines and regulatory sanctions. Some businesses could be struck off completely.

   

How to Mitigate Risk of an Attack

 

There are some simple steps that business can take to protect their businesses from cybersecurity risks. Even the most resilient of businesses can find themselves open to an attack.

   
  • Provide home-working or remote-working employees with a dedicated work laptop and phone. This makes employees less likely to visit risky websites on the same devise that holds work data and also ensures that work devices have the appropriate malware protection installed.
  • Set up a remote access VPN (Virtual Private Network) for employees to use. This is an encrypted connection between remote computers and your company servers which can ensure privacy and security.
  • Educate your staff and keep them informed regularly. A keen awareness amongst your workforce will help them to guard your business from threats. Employees should be trained, know how to spot malicious emails, use strong password and know how to dispose of sensitive data. They should also know the correct channels to report anything suspicious or report when a breach has occurred so that it can be dealt with quickly.
  • Ensure that you have data back-ups and contingency plans should your business be exposed.
  • Regularly assess your risk and have a robust cybersecurity policy in place. Frequently reviewing your business’s vulnerabilities will help you stay one step ahead.
 

 

Legal Support

 

If you require legal support in relation to cybersecurity, you require a review of your policies and procedures or your company has been through some structural changes that need to be addressed, please get in touch with our Company & Commercial team at Lamb Brooks.

   

Call us on 01256 844888, email enquiries@lambbrooks.com or speak to our online Chat Assistant who can take your details and ensure that one of our lawyers calls you back at a convenient time.

 

 

 

Other Articles You May Be Interested in Reading:

Supporting Employees Back Into the Workplace

Have You Reported Your Business Relocation to Companies House?

No Jab, No Job: Can Employers Insist on Employee Vaccines?

 

The contents of this article are for the purposes of general awareness only. They do not purport to constitute legal or professional advice.  The law may have changed since this article was published.   Readers should not act on the basis of the information included and should take appropriate professional advice upon their own particular circumstances.

Lamb Brooks LLP
Victoria House
39 Winchester Street
Basingstoke
Hampshire
RG21 7EQ
01256 471 085
© Lamb Brooks is authorised and regulated by the Solicitors Regulation Authority - SRA No 559661. Lamb Brooks LLP (registered at Companies House OC363909) whose registered office address is: Victoria House, 39 Winchester Street, Basingstoke, Hampshire, RG21 7EQ