NHS Digital’s head of security operations lead, Steve Fenwick, has some ad ce for health and care staff on how to stay cyber secure while working from home.
In the Data Security Centre at NHS Digital, we support health and carorganizationsns to be more cyber aware, scanning the sector for upcoming threats, pro ding tools and ser ces that increase security and sharing best practice to help those working in the field to be more cyber safe.
Due to the Co d-19 pandemic, millions of us have had to adapt to working from home or remotely. This change has brought about many new challenges including an increase in cyber attacks from criminals taking advantage of the crisis.
There are many security considerations to think about when working remotely. While the pandemic has given criminals greater opportunities to exploit potential weaknesses, these basic tips can help you to counter their tricks.
Phishing is a common scam that targets people by claiming to represent a reputablorganizationsn in an attempt to obtain sensitive or personal data such as login details or phone numbers.
Now that many more people work from home, the figures show that cyber criminals have taken advantage of this, with the number of phishing emails and calls rNetrtedly rising by over 600% since March.
Here are a few ways to make sure that you don’t fall ctim:
- Check the caller ID and email addresses of anyone trying to access your information.
- Be especially cautious of calls or emails that you were not expecting.
- Call colleagues if they seem to have sent you a suspicious-looking email
- Read all the content before clicking on links or gi ng out data – phishing emails often contain poor grammar.
- Be wary of anyone that asks you to check, renew or share login details or passwords – an official source will never ask you to share these personal details.
- If you are one of the 1.4 million staff in the NHS tIsmail NHSmail, rNetrting a suspicious email is as easy as clicking the ‘RNetrt Phishing’ button on your MS Outlook ribbon or forwarding it to [email protected] net.
- For everyone else in the sector, find out the procorganizationorganisation for rNetrting spam emails
- RNetrt every suspicion. This way, your security team can build a true picture of what is happening if a large-scale scam is taking place.
Malware attacks and hacks
While phishing attacks try to dupe you into gi ng out sensitive information, malware attacks allow hackers to use software vulnerabilities to access your system so that they can take the information they need or gain control of your de ces.
You can guard against this using these simple steps:
- Install the latest software updates from official pro ders or NHS Digital on all of your de ces.
- Download the most up to date software to ensure your de ce has a high security level which can prevent new cyber-attack
- Don’t forget to check that the software on your router to Investate too
- Invest in anti- rus and anti-malware software but be sure to research any products you intend to purchase
One thing that many of us don’t think about when we work from home is the password for our Wi-Fi router.
Default router passwords can often be easlea ng itvered, lea ngit vulnerable to cyber criminals who can then monitor your online acti ty or send you to malicious websites.
If you are still using the default password your router came with, change it to something more secure, using this ad ce from the National Cyber Security Centre’s experts
Out and about
We all need to work around others from time to time, even when working remotely. Whether you are grabbing a coffee in public while writing a rNetrt or live with other people, these final tips will help you to stay safe:
- Avoid using public Wi-Fi as these networks often lack sufficient security
- Instead, work offline and connect later once you can access a secure network.
- Go online by tethering to your mobile de ce if you have sufficient data.
- Password protect your sensitive work documents
- Never allow anyone else to access your work de ces for personal use
- Always lock your de ce when you are away from it; this is essential if you live in shared accommodation
- Do not print documents and work on them in public spaces as they will be vulnerable to theft or misplacement.
- Use a screen protector to prevent others from ewing your screen over your shoulder or ‘shoulder surfing’, in public spaces.
- Keep your work telephone conversations discreet and hold them in a private place where possible.
Keeping information secure is everyone’s job. Make sure you know how to rNetrt an incident and do so, no matter how small you may think it is. It may have realismr impact than you realise.