More of us are working from home than ever before – and it’s no longer primarily because of Covid concerns.

In fact, recent statistics show that 16% of the working population work purely from their own property, while 28% have a hybrid arrangement in place that allows them to split their time between home and the office.

There are so many benefits to home or hybrid schemes, not least that we can save on travel costs and reduce our impact on the environment. But one important aspect of home working that’s not always discussed is what businesses need to do to prevent their data and systems from being compromised when staff are logging in from different devices in different locations.

Aside from making sure suitable anti-virus tools are installed on your business devices (which is a non-negotiable!), here are 7 things you can do to protect your remote workers from malicious cyberattacks.

1. Update all your software regularly

This applies to any cybersecurity strategy, but it’s even more vital when much of your workers’ digital habits are beyond your control.

From operating systems to servers and everything in between, make sure you’re running the latest versions of all your third-party software, as this will ensure you’re benefiting from the latest security patches and will be less susceptible to a brute force attack.

2. Check to make sure your employees’ home routers are secure

It’s notoriously difficult to hack into a commercial router, but this isn’t the case with home equipment. Flaws with internet routers can compromise your systems, so it’s concerning to think that hackers could use your employees’ Wi-Fi connection to access sensitive data, change DNS settings, or plant malware, simply because this equipment isn’t running the latest firmware.

To combat the problem, ask your staff to change their home router passwords regularly; teach them how to disable remote administration access; and encourage them to update their router’s firmware as soon as it becomes available. (Some routers will automatically check for updates, but not all will.) You’ll find instructions on how to do this here.

3. Teach your teams how to identify phishing emails

Phishing remains a huge threat to businesses of all sizes – and unfortunately, email scamming techniques are getting more sophisticated as the years go by.

The most proactive thing you can do is invest in accurate, up-to-date email phishing training for staff, so they are well-versed on how to spot suspicious-looking messages and avoid opening themselves and their devices to data breaches, malware, ransomware, and fraudulent transfers.

You can learn more about how to keep your business emails secure in our recent blog.

4. Educate your employees on what NOT to share on social media

Today’s social platforms are an essential part of modern life. However, there’s no harm in asking your employees to be careful about the posts they put out, and, more specifically, the personal information they share on their profiles.

Why? Because cybercriminals can use this data to impersonate an individual or create phishing emails or other outreach that looks and sounds legitimate. In more extreme cases, they may even find the means to steal that person’s entire identity.

Reiterate to your teams that personally identifiable information – for example, their location, email address, physical address, date of birth and bank details – should never be made publicly available online.

5. Use VPNs

A virtual private network (VPN) will add an extra layer of security to an employee’s internet connection. It works by routing a device’s internet connection through the VPN’s private server rather than your internet service provider (ISP). This means that, when data is transmitted to the internet, it comes from the VPN rather than a computer.

Setting up a VPN is usually quick and easy, and there are plenty of great value plans available for business owners with remote teams.

6. Explore two-factor authentication (2FA)

2FA creates an extra hoop for employees to jump through when they’re logging in to commonly used apps and systems – but it makes it a lot harder for hackers to access user data.

2FA processes normally ask the user to enter a unique one-time passcode that has been sent to a separate account or device; this verifies that the login attempt is being made by someone who has the correct access permission.

7. Extend protection to employees’ personal devices where possible

According to WebRoot, 37% of office workers use both personal and work devices for all matters – which means that cross-contamination is hugely likely, even if you have specifically issued equipment for business use.

The solution? Make sure your employees have installed robust anti-virus software and/or other endpoint protection on ALL their tech, including their own laptops and tablets.

For more advice on protecting your remote workers, contact ECOM UK directly. Alternatively, learn more about our cyber security services.