Cyber security: helping your staff secure their personal devices

Lockdown means old boundaries between personal and professional devices are blurring – businesses should take action to shore up cyber security.

By ushering in a new era of remote working, coronavirus is stretching our cyber-security processes to their limit. In particular personal devices, while a crucial tool allowing many to work from home, also represent a new frontier in the fight against hackers, phishers and other agents of online theft and fraud.

Panic not: with a few simple steps, businesses can ensure remote working on personal devices stays secure as well as flexible.

View, don’t download

Ideally, personal devices should remain just that: personal. But is this even possible anymore?

Yes, says Annabel Kaye, director of small business support firm KoffeeKlatch – with a bit of initial setup. “Wherever broadband speeds permit, use remote viewing of your own servers to limit the amount of information downloaded locally to personal devices,” she says. By cutting down the amount of business-critical information being traded across potentially unsecured networks, the potential for fraud is cut off at the source.

But it’s important to back this up with procedural diligence. “People can’t store confidential personal data on their personal devices – doubly so any that are shared,” Kaye emphasises. It’s crucial that businesses keep track of sensitive information and when it’s being downloaded, so it can be deleted afterwards where necessary.

Contact IT

They might not be just down the corridor anymore, but IT departments should still be the first port of call for businesses relying on personal devices to facilitate remote working.

Many firms can use this as an opportunity to bed down more secure cyber practices for the long run. “It’s essential that businesses remind staff of the IT security policy,” says business adviser Sherry Bevan. “For example, if working on a personal device, are they keeping up with the latest software updates, including security patches?”

Your biggest risk is actually your home wifi, with kids logging in and out of gaming sites and possibly picking up viruses as they go

Annabel Kaye
Director, KoffeeKlatch

Go to your resident experts and get their input on cyber-security best practice – it’ll be more effective than cobbling together lots of new rules and regulations. “If your business has an IT department, make sure you are working in accordance with their homeworking and security guidance,” says Kaye. “They can often set you up remotely with lots of things to help secure your devices.”

Secure your wifi

Bevan asks: “If you’re working from home, how strong is the password on your wifi router?” This is a good question because in the time it takes you to stroll to the kitchen and make your third coffee of the morning, a seasoned hacker could easily obtain access to a poorly secured internet connection – and with it highly sensitive company information.

According to Kaye, “your biggest risk is actually your home wifi, with kids logging in and out of gaming sites and possibly picking up viruses as they go”.

Your personal device won’t stay secure for long if it’s connected to a compromised router. Changing your password to something harder to guess is internet security 101. Using a VPN (virtual private network) while remote working will take your online security to the next level, guarding against even the most questionable browsing habits of your offspring.

Multiple accounts

Linked to the above, having separate wifi channels and computer accounts for you and those in your household offers another layer of protection.

A personal device with a single account can compromise a business in two ways: exposing private information, and inadvertently increasing the risk of picking up a virus online.

Kaye recommends multiuser accounts across all personal devices, so that workers and others in their household “do not have access to the same space and ensure work is done on one user login only, saving information in spaces only that user can access”.

This can be extended to wifi connections to maximise personal device security: “Most modern wifi hubs offer multiple login setups,” says Kaye. This means children, flatmates and other members of the household can be isolated from work-only connections and can, in addition, be “confined to accessing devices you don’t need for work”.

Antivirus software

There is a plethora of effective, free antivirus packages available on the web – think Kaspersky, Bitdefender and Avira – and there’s never been a better time to download.

“Scammers and phishers are working overtime at the moment,” says Kaye. As well as office-supplied mobiles and computers, she says, “make sure your kids’ devices have automatic antivirus and malware checkers on them”.

Even with workflows as disrupted as they are, organisation is critical to drive home the benefits of this software to workers. A 2019 GlobalData report found that unchecked, unregulated user access to sensitive data was one of the “biggest challenges” for companies attempting to establish effective cyber-security protocols, and that “active support from top management” is needed to ingrain it as a priority. Security of personal devices is now a matter of professional importance – managers must lead the charge.

Five tips for keeping professional devices secure

  1. Don’t unnecessarily download sensitive company information; keep your personal device personal.
  2. Speak to your IT team to clarify and refresh existing policies around device security.
  3. Change your wifi settings and use a VPN to help shield personal devices from being compromised.
  4. Use multiple wifi and user accounts across devices being used for work.
  5. Download or invest in some industry-accredited antivirus software.

This material is published by NatWest Group plc (“NatWest Group”), for information purposes only and should not be regarded as providing any specific advice. Recipients should make their own independent evaluation of this information and no action should be taken, solely relying on it. This material should not be reproduced or disclosed without our consent. It is not intended for distribution in any jurisdiction in which this would be prohibited. Whilst this information is believed to be reliable, it has not been independently verified by NatWest Group and NatWest Group makes no representation or warranty (express or implied) of any kind, as regards the accuracy or completeness of this information, nor does it accept any responsibility or liability for any loss or damage arising in any way from any use made of or reliance placed on, this information. Unless otherwise stated, any views, forecasts, or estimates are solely those of NatWest Group, as of this date and are subject to change without notice. Copyright © NatWest Group. All rights reserved.

scroll to top