10 tips for cyber safety at work

June 20, 2017 3:56 pm Christina McDaid

We come to work every day, often following the same routine, unaware of the cyber dangers and implications that we face. Keeping yourself and your organisation safe is part of your job and by becoming more aware of these dangers by making small changes in the office, you can help keep yourself and your company safe from any cyber-attacks or breaches.  

1. Keep your password safe

We often say passwords are like toothbrushes:

Don’t share them with anyone (not even your colleagues. You and only you should know your passwords.) 

Don’t leave them laying around – In other words, don’t write them down on a piece of paper or a notebook on your desk. Store your passwords somewhere secure. 

Change them regularly – Like your toothbrush, you should change your passwords regularly. Using the same password can increase the risk of a hacker gaining access to your accounts, company or personal information. Hackers will target vulnerable websites that you probably use, but are not protected nearly as well, say an online shopping site for example. That’s why using the same password in work as you would for say an online chat forum, is not safe.  

Create strong passwords using a mixture of UPPER and lower case letters, numb3rs and $ymb0!$. 

2. Authorised people only

Don’t let anyone tailgate you at your office entrance or at any other point throughout the building. It’s ok to ask someone where they’re going and if they have any identification. You also shouldn’t expect anyone to let you into the building without your pass or confirming who you are. You should escort any unknown persons to a reception area to sign in. If you don’t, you could potentially be allowing a fraudster access to your work space, where important information could easily be accessed. Could you spot a tailgater? Watch our trailer here to see. 

3. CTRL ALT DEL when you leave your seat

Unless you want to leave your computer open to anyone, with all your documents, files, confidential information at hand, then lock your computer every time you leave your seat. Even if you’re only popping to the kitchen for a cup of tea, or a quick bathroom break – its good sense to get into this habit, so that you and only you can gain access to your computer. 

4. Save everything on a shared drive/cloud

You should try to work from an online platform such as Microsoft SharePoint, or at the very least back up all your work regularly to a cloud service, to avoid losing it in the unfortunate case of a ransomware attack. Don’t rely on or working from your desktop as your computer could fail at any time. 

5. Don’t be tricked into clicking on links/attachments

With a lot of emails coming into your inbox every day, it’s easy to be tricked into clicking on an attachment or link that looks like it was sent from someone you know. With phishing emails becoming more realistic and convincing, you should still always be cautious before you take any action. Here’s some things to look out for in a phishing email.

6. Update your computer

I know updates can sometimes seem inconvenient and it’s very tempting to click the ‘delay’ or ‘postpone’ option, but updates patch newly discovered security vulnerabilities, fixing gaps that could be used to attack your system. Therefore, if you’re running on older versions of your system and programs, you leave your computer open to these exploits. Anti-virus, anti-spyware and other security programs can keep your machine protected to some extent, but keeping your software up-to-date is one of the best ways of protecting against malicious code and hacking attacks. 

7. Never give out account details

You should never give your companies bank account details, payment information to anyone over the phone, email or online unless you know it’s secure or from a person that you trust. If you’re unsure, don’t take any action until you can confirm the transaction with the appropriate person. 

8. Avoid public wireless networks

Public wireless networks may seem convenient, especially if you’re travelling for work, but it can also be a threat to your privacy, meaning you might want to think twice about connecting. If you work for a company, you have a legal obligation to protect the privacy of your internet activity. Your home Wi-Fi is encrypted, but the coffee shop you may decide to do some work in before you catch the train isn’t. This means you’re at risk of people monitoring your online activity. WiFi uses radio waves, and radio waves are anything but direct. They broadcast, and this means that anyone within range can see everything you’re doing online, if they have the right software. 

This means that, without protection, anyone who wants to can see: 

  • Every site you visit 
  • Every bit of text you send out 
  • Your login information for various sites 

The danger here is clear, so naturally you’re going to want protection. Sometimes free WiFi seems too good to be true; sometimes, it is. If you’re connected to a WiFi network, and have no idea whose network it is, beware: the hotspot might exist entirely to steal your personal data. Setting up a WiFi network is neither hard nor expensive, and scammers have started doing so in the hopes they can steal passwords and other personal information. If you connect to a network called something like ‘Free WiFi’, with no password required and no welcome screen, it might be a trap. 

9. Keep a tidy desk

If you have important files, passwords scribbled down and account details laying around your desk, you’re openly exposing confidential information for the world to see. But why would someone want my login details? Shocking realisation – your details could be the gateway to exactly what a hacker needs to gain access to company information. This could have major consequences and a life changing effect on your organisation, so always keep a tidy desk to avoid a possible breach.

10. Report anything suspicious to your IT support team

Whether it’s an email attachment, an email from someone suspicious looking for information, or your computers performance being slow or unusual – always consult your IT support team. You’re always better to be safe than sorry.