Data Security Considerations When Employees are Working from Home
Working from home is raising lots of challenges. One of these is data security and right now, many businesses are experiencing a surge in security threats as fraudsters look to capitalise on the COVID-19 situation.
In the office, you have firewalls and anti-virus software to protect you and the business. Plus you’re in ‘work mode’, so you take care about the emails you open and the websites you visit.
The same may not be true when you’re working from home. You might not have the benefit of the same levels of IT security as you have at work. You may also have multiple competing priorities, so you’re less focused and less likely to spot rogue emails or websites. With all this in mind, now is the time to remind employees about the importance of data security.
Data Security Tips for Employees
In many cases, data security is about being vigilant. It may be accidental, but there’s a risk of data being compromised when other people have access to a device, for example if an employee’s home office is in a communal area of the house where a partner or children also spend time.
To minimise the risk, remind employees to lock devices or put in place automated IT settings that lock screens after a set amount of time and consider shortening this timeframe. If an employee is using their home computer that the rest of the family has access to, ask employees to create separate logins.
If employees are using company devices, make sure the antivirus software is up-to-date. If they’re using their own devices, make sure they have adequate virus protection installed and updated. You may even consider providing anti-viral software for private devices and we’ve seen some employees claim back on expenses for that.
Just as they would when they’re at work, ask employees to think before they open email attachments, click on links or give out information. Scammers and fraudsters are seeing the opportunities to take advantage of people in the lockdown. Researchers monitoring global Covid-19-related phishing activity are seeing steep rises in attacks and the trend is likely to continue:
- 137 incidents in January
- 1,188 incidents in February
- 9,116 incidents in March.
The National Crime Agency warns: “Huge increases in the number of people working remotely mean that significantly more people will be vulnerable to computer service fraud where criminals will try and convince you to provide access to your computer or divulge your logon details and passwords.”
When it comes to invoices, ask employees to double check invoices before passing them on – invoice scams are a very common cause of fraud. 44% of small to medium-sized businesses have been targeted by fraudsters in the past and 23% have fallen victim to fraud. If the rise in phishing activity is anything to go by, it is likely that fraud attempts will rise too.
Checks for the Finance Team
As well as asking employees to be vigilant, there are things you can do as a finance team too.
For example, you may want to be more vigilant about processing invoices. You may also want to double-check expense claims. Sadly, one in five employees thinks it’s acceptable to exaggerate expense claims and the current climate may mean some employees are willing to take more risks.
Checks for the Wider Business Team
It’s likely your business is already looking out for these, but just in case, here are a few things to think about.
- If you aren’t already using them, consider how using VPNs or encryption software could help you maintain data security.
- Make sure you have an up-to-date cybersecurity policy in place that covers home working.
- Make sure your insurance covers you for data security issues when employees are working from home.
There are challenges for every business at the moment. But by taking control of data security, coping with the consequences of fraud or a data breach needn’t be one of them. Digitising and automating your finance processes, such as expenses and invoices, adds extra layers of security to your business by:
- Centralising business spend so you have better visibility
- Removing error-prone paper receipts and invoices from your process
- Protecting your data within a secure digital environment
- Accurately capturing line item details
- Putting in place spend thresholds and audit rules to spot and eliminate risks
We hope you’ve found these tips helpful, but if you’d like to talk to us in more depth about increasing the security of your spend processes, we’d be happy to have a no obligation chat.