10 Top Tips for Maintaining Information and Cyber Security When Homeworking

Frazer Grudgings | Senior Consultant at URM | Published on 20 July 2022

In recent years, working from home has become a standard working practice – but how do we go about it in a secure way?  In this blog, we aim to provide 10 top tips to enable you to embed key cyber security practices and keep important information assets safe and secure whilst working remotely.

1. Keep Assets Out of Sight

Store laptops and other computer equipment out of sight when not being used; this way, they won’t become a target.  Make sure you also do this when transporting these assets, i.e., put them in the boot, not on the back seat, and do the same with hardcopy confidential information.

2. Clear Screen

Most organisations have a clear screen policy, part of which requires screens to be locked when you are away from your desk.  You should continue to do this when at home too.  Predominantly, this is to keep confidential information away from family members, tenants or visitors in your home, but neither do you want the cat to walk across your keyboard and undo all your hard work!

3. Strong Password

If you can use your own computer/device for work purposes, make sure that you have set a password that meets your company’s password policy.

4. Anti-Virus

If you are using your own computer/device, also make sure that you have up-to-date anti-malware (anti-virus) software installed and running.

5. Patching

Make sure your computer is fully patched.  For most of us, that means checking that Windows updates have been installed.

6. Router and Wi-Fi

Many of us will be connecting to the Internet using a Wi-Fi router.  There are a couple of things to check here. The first is to make sure that the router itself is password protected and that only authorised people know the password.  The second is to ensure that the Wi-Fi connection is password protected and is also encrypted. Check the settings on the router.  You are looking for WPA2 to be enabled.  WPA stands for Wi-Fi Protected Access, and it is enabled by default on most modern routers - but check to be sure.
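The same check can be made from a Windows laptop rather than the router's settings page. The added example below (not part of the original blog) parses the output of `netsh wlan show interfaces` and flags any connected network that is not using WPA2 or later. The sample output is constructed, and the field names assume an English-language Windows installation.

```python
import re

# Constructed sample of `netsh wlan show interfaces` output (English-language Windows).
SAMPLE = """
There are 2 interfaces on the system:

    Name                   : Wi-Fi
    State                  : connected
    SSID                   : HomeNet
    BSSID                  : 02:00:00:aa:bb:01
    Authentication         : WPA2-Personal
    Cipher                 : CCMP

    Name                   : Wi-Fi 2
    State                  : connected
    SSID                   : GuestNet
    Authentication         : Open
    Cipher                 : None
"""

def parse_interfaces(text):
    """One dict per interface; a 'Name' field starts a new interface."""
    interfaces = []
    for line in text.splitlines():
        match = re.match(r"\s*([^:]+?)\s*:\s(.*)$", line)
        if not match:
            continue
        key, value = match.group(1), match.group(2).strip()
        if key == "Name":
            interfaces.append({})
        if interfaces:
            interfaces[-1][key] = value
    return interfaces

def audit(text):
    """Return (ssid, finding) for connected networks that fall short of WPA2."""
    findings = []
    for iface in parse_interfaces(text):
        if iface.get("State") != "connected":
            continue
        ssid, auth = iface.get("SSID", "?"), iface.get("Authentication", "")
        if not auth.startswith(("WPA2", "WPA3")):
            findings.append((ssid, f"authentication is {auth or 'unknown'}, expected WPA2 or later"))
        elif iface.get("Cipher") in ("TKIP", "WEP", "None"):
            findings.append((ssid, f"cipher is {iface['Cipher']}, expected CCMP (AES)"))
    return findings

if __name__ == "__main__":
    for ssid, finding in audit(SAMPLE):
        print(f"{ssid}: {finding}")
```

To run it against a real machine, save the command's output to a text file and pass the file's contents to `audit()`.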

7. Setting up Virtual Network

If you have the technical know-how to do so, consider setting up a separate virtual network within the router that only your work computer is connected to.  This will mean that even if other systems/devices in your home have weak security, you will have an extra layer of protection.  These other systems/devices include mobile phones, tablets and computer systems that belong to other members of the family.  These may not be fully patched and may not have adequate protection from malware.

8. Separate Network

If you have items that have a Wi-Fi connection for the sake of convenience, consider putting these into a separate network as well.  These items are known as the Internet of Things (IoT), which comprises items such as Wi-Fi-connected central heating systems and other home automation products, and maybe even the fridge and the kettle!

9. Encryption

If you need to send information from home to somewhere out there on the Internet, consider encrypting the files before you send them or, better still, encrypt your connection end to end by using a VPN for Mac or Windows.

10. Stay Informed

This means that you should ensure that you take your information and advice from reputable sources.  Always seek information from primary, trustworthy sources, such as the government’s website or the websites of your bank or major brands.  Always type in the address of such websites into your browser if you know it.  Never click on a link in an email or social media message.

Help is available from your organisation’s IT, information security or compliance department.  Follow their guidance and if you are not sure about something, ask.  In this situation, the old adage applies: there is no such thing as a stupid question.

How Can URM Help?

By following the advice in this blog, you will be able to ensure that your organisation’s personnel take the fundamental steps to maintaining the security of its assets whilst working remotely.  However, if you would benefit from further advice and more sophisticated measures to protect against a broader spectrum of threats, URM can offer a range of information and cyber security consultancy services to help secure your organisation.

Our team can help you prepare for and facilitate your Cyber Essentials assessment; we can conduct a gap analysis to help you identify any areas of noncompliance, and work through a Cyber Essentials checklist with you before you complete your self-assessment questionnaire (SAQ) or check your already completed SAQ prior to submission.  Having assisted over 400 organisations to achieve ISO 27001 certification over the last 2 decades, URM is also ideally placed to support your organisation’s implementation of and certification to the Standard.  The ISO 27001 support we offer is fully flexible and tailored to your organisation’s needs, and our consultants can assist you with any aspect of conformance with the Standard that you require.

Frazer Grudgings
Senior Consultant at URM
Frazer is a Senior Consultant at URM with over 15 years’ experience managing the introduction, maintenance, change validation and improvement of organisation-wide management systems, with particular expertise in information security, data protection and quality.