January is behind us and as the new year really gets going, we thought we would highlight some useful tips on policies for working outside the office. In addition, we take a look at how the hackers are trying to circumvent email protections with new social media phishing techniques.
Working in public spaces
Hybrid working is now common practice for many, however even if you are mostly office based, you may well be working whilst travelling on trains or aeroplanes. With the portability of our devices, it’s very easy to undertake your private office tasks in public spaces but are you doing this securely? Make sure you create a comprehensive written remote work policy that is clearly implemented and regularly reviewed. Below we provide some key aspects of on how to maintain privacy for business tasks outside the office:
- Mandate VPN usage – make sure that all employees use VPN to establish secure data access over public Wi-Fi
- Prevent visual hacking – issue privacy screens – and make sure they are used – to prevent passersby from seeing and stealing sensitive information
- Maintain physical security – if employees are outside the office, mandate that they keep their laptops and devices with them at all times
- Avoid confidential conversations – employees should never discuss sensitive business matters in public, where they could easily be overheard
LinkedIn DM phishing
We have all become used to the numerous email phishing attempts, however as tools to protect email are increasingly implemented, the hackers are getting evermore creative and turning to social media. This cybernews article focuses on the ReliaQuest Threat Research team that has revealed how attackers are using direct messages to send “high-value” corporate employee targets a malicious download link over LinkedIn. This campaign apparently used a technique allowing malware to run under the cover of a legitimate programme, demonstrating how criminals are combatting improved inbox security.
