Businesses have been warned to tighten up their data security procedures to tackle a new wave of cyber threats as millions of UK staff are forced to work from home due to the coronavirus pandemic.
Both the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office have published advice on security measures to support home working.
NCSC said it is new phenomenon for many organisations and employees and has outlined its recommended steps, with a particular focus on how to prevent damage from phishing emails.
The guidance refers to the NCSC’s earlier advice on spotting phishing emails, the main message of which is not to clink on links in any message that looks suspicious.
It adds that there are steps that can be taken if a link is accidentally clicked, including running a full scan with antivirus software and quickly changing passwords if one has been given to the scammers.
It advises firms to ensure devices encrypt data while at rest in case they are lost or stolen, and that they include tools for them to be remotely locked and the data erased.
The advice also recognises that remote workers might need to use different software at home than when they are in the office, and the employer needs to produce written guides for the relevant features and the test the software works properly. The organisation should also consider producing ‘How do I?’ guides for using specific tools.
Meanwhile, the ICO said: "Data protection is not a barrier to increased and different types of homeworking. During the pandemic, staff may work from home more frequently than usual and they can use their own device or communications equipment.
"Data protection law doesn’t prevent that, but you’ll need to consider the same kinds of security measures for homeworking that you’d use in normal circumstances."