How to protect your data working from home
While data security is something every contractor should be aware of anyway, the increased levels of working from home during the coronavirus pandemic have made it even more important. When working at clients’ offices, you have access to their security systems, their disposal methods, and anything else that comes part and parcel of working within a secure working environment.
Your home is
a) likely to be much more lax, and
b) not set up to individual client specifications.
So, what do you need to be doing to protect your and client’s data while working from home? We’ve pulled together some top tips.
Handle paper documents correctly
We know your partner and toddler are unlikely to leak information from secure documents, but that’s still no excuse to leave them lying around on the dining room table. Instead, when you’re not using them, lock them away in a secure filing cabinet or even a home safe if the information is really sensitive. They shouldn’t just be out of sight, but behind lock and key as well.
The other thing to note is the proper disposal of documents. Do not go putting them in your dustbin as they are. It may sound disgusting, but data thieves have no compunction about rooting around in bins. Instead, invest in a shredder to properly destroy sensitive documents.
We’d recommend a cross-cut shredder or micro shredder over a standard model as these cut the paper into much smaller pieces that are virtually impossible to piece together again. If you have the space in your garden or you have a wood-burner or open fireplace, burning documents can be a good alternative – although you need to make sure you do it safely.
You could also look into confidential waste services near you, that safely destroy and dispose of documents for a fee.
‘Password’ is not a good password
Ensure you have strong, secure passwords for everything and that every password is different. If this sounds like too much hard work, or you’re worried you’ll forget your passwords, then you need to look at purchasing some password manager software.
These will generate strong passwords for you and, crucially, remember them so all you have to remember is your one master password for the software. Genius. And a worthwhile business investment.
Keep an eye on your spam
Most email clients are pretty good at spotting spam and phishing emails these days and will automatically send them into your spam folder but, occasionally, one or two do make it to your inbox. And we’re increasingly finding ourselves getting scam messages by text and WhatsApp.
Remember, if it seems a bit fishy then it probably is so don’t click on it. If in doubt (for instance, if you’re not sure if it really is your bank or phone provider) then give them a call to find out – just don’t go using the number provided in the suspect email or text message. Instead, source the number in the way you normally would from their website or from paperwork you have.
Things to look out for in potential scams are unofficial-looking email addresses, requests for passwords or other security information, and requests to click on specific links that do not take you to the official website.
Ensure you have anti-virus software
It’s always amazes us how many contractors don’t bother with anti-virus software, or who just have a bare minimum product that’s not really fit for professional use. You want something that covers you for viruses, malware, ransomware, spyware, adware, as well as blocking dodgy websites, providing you with a firewall and giving you real-time protection – not just something you manually run a scan with once a week.
So, if you don’t already have this kind of software, start shopping around as it’s a very worthwhile business expense.
Back up your data
Backing up your data in case of computer issues should be a standard practice for all contractors anyway. In this day and age there are a couple of ways to do this.
You can backup locally using an external hard drive, which you would store securely in a safe or locked cabinet when not in use. The benefits of this are primarily around not requiring an internet connection and a simple one-off cost for the hard drive. However, there is also the danger of the hard drive being lost or stolen, as well as the fact that you need to remember to perform the backups manually.
The other method is cloud storage. For these services, your data is backed up remotely on a secure server and you pay an annual or monthly charge for the use of the service. These can be set to automatically back up your data as you work and have the benefit of you being able to access it from any internet-enabled device. So, should your computer break, you could access data from a new one without any loss.
Get cyber insurance
Cyber liability insurance sounds like something only people working in IT need, but it’s really for anyone who works with any kind of digital data… Which is pretty much everyone these days.
Different insurers offer different levels of cover, but with Kingsbridge’s Cyber Liability Insurance you get cover for:
- Business interruption costs
- System and data rectification
- Regulatory defence and penalties
- Cyber extortion and ransom costs
You also get access to ReSecure, a 24-hour cyber incident support service and helpline. Should you find yourself the victim of a cyber attack, they will help find the cause of the breach, as well as assist with recovering lost data and restoring your systems.
In addition to this, they will give you a picture of the effect of the attack and offer guidance on any legal or regulatory repercussions.