Newsletter & Blog

Managed Security Officer

Businesses are now having to have a number of its employees working from home, which in itself raises new issues and I am finding that many, particularly in the mid-market, don’t really appreciate the additional and somewhat different risks that this poses, especially for business where remote working was not, in the past, something they did.  I have in fact noticed a tendency for some people to decamp to the various coffee shops, where they are open, and work from there.  I even saw and advert from one venue which offered a seat for 3 hours, with power and WIFI, a coffee and a small lunch, all for a tenner.  Of course these risks, both working from home and from the coffee shop, vary from business to business, there is no such thing as one size fits all, but the one thing I do know is, that sooner or later there is going to be some serious issues coming to the fore, both in terms of Cybercrime and data loss, the latter perhaps incurring the wrath of the authorities, assuming of course that some businesses haven’t already been hit and are keeping schtum about it.
Work-from-home employees are at much greater risk than those in offices. Since home connections are less secure, cybercriminals have an easier entry into the company network.  Furthermore, the explosion of various online tools, solutions, and services for collaboration and productivity tend to have the bare minimum of security default setting, and updates from third-party vendors can change security preferences and be easily overlooked.
Phishing becomes an even greater threat to home workers simply because, in an office environment, they have access to colleagues and managers, who they can approach for advice and guidance.  This is much harder to replicate with remote workers, especially those who may not be particularly tech savvy and who may not wish to become ‘burdensome’ to their co-workers.
Much of home working has been enabled by allowing users to use their own IT to access the company network and data.  This again comes with a lot of problems and risks.
Since the COVID lockdown measures were eased, I have noticed that the coffee shop keyboard warriors have returned.  I dropped into one the other day and there were 4 people with their laptops open, working away on business issues.  At least 2 had spreadsheets open (and easy to read if you were sitting behind them), and all had their email open.
Of course, this is nothing new, it’s been ‘a thing’ for years now, but is it a safe thing to be doing?  A recent survey suggests that a high proportion of the connections to unsecured Wi-Fi networks result in hacking incidents, often from working in coffee shops, restaurants, airports, and other public places.
If you are among those Wi-Fi lovers, there’s bad news for you… your online privacy and security are at risk, as long as you rely on the weak to non-existent Wi-Fi security protocols at coffee shops.  This means that you could be exposed to various threats such as identity theft which has over 15 million cases each year, data theft/breaches, introducing malware to your business network and that of your customers/suppliers.  This list is not exhaustive.
Free or public Wi-Fi’s are hotspots for hackers and data snoopers who want to steal your private data or financial information. Needless to say, it is pretty easy for hackers to do that nowadays. You will be surprised to know the different ways hackers can compromise your device or your private information and why you shouldn’t rely on Wi-Fi security at coffee shops as they come with certain risks.
So what is missing for most SMEs, even the larger end of the middle market?  Well, generally it’s that they don’t have the relevant Cyber security resource in house or indeed, within the IT company they generally have under contract to maintain their systems and equipment.  Such resource is expensive and hard to come by, even the large enterprise companies and finding it difficult to recruit. 
H2 offers a Managed Cyber Security Officer to provide advice and guidance, and manage security issues in regard to your online security, from assessing your threats and vulnerabilities, to working with your IT partner or staff to ensure you are protected. You can choose the number of hours per month you wish to purchase, on a rolling contract which you can cancel with 30 days notice.