Cybersecurity: Minimising risks while working at home

TagsRisk consulting

Social distancing measures have led millions of people to work remotely – some for the first time. Businesses must be wary of the cybersecurity risks that such a setup can create. Below we outline the challenge and the solutions to minimise the vulnerabilities of working online from home.

The challenge

Covid-19 measures have caught companies off guard: many had not prepared or tested for remote working (remote working policies, security training and testing of infrastructure, etc.). Remote working creates an opportunity for cybercriminals: national cyber security centres around the world have already reported an increase in phishing emails, with infected attachments falsely claiming to deliver ‘Covid-19 safety measures' to the reader. Some of these phishing campaigns could end in reportable data breaches and cybercriminals will take advantage of remote access that is insecure and generates security vulnerabilities.

Seven solutions

If remote working solutions have been rapidly implemented in your organisation, here are seven ways to minimise cybersecurity risks:

Policy - Refresh and communicate acceptable use of information systems policy which informs staff on how to handle and protect sensitive personal and business information.
Passwords - Ensure that staff passwords are strong and have been recently changed. Use multi-factor authentication.
Phishing - Conduct phishing simulations with staff to help them avoid falling prey to Covid-19-related attacks.
Awareness – Issue regular communications to staff to raise awareness of the type of cyber risks so that they are clear of the steps they can take.
Testing – Conduct vulnerability scanning and penetration testing on critical systems, network or web applications to find security gaps that an attacker could exploit.
Device security – Ensure personal and company data can only be accessed by secure devices. Meanwhile, restrict the ability to copy client data to personal devices and ensure remote workers are using a secure wireless connection.
Email security – Monitor the use of personal email addresses for work purposes. Where possible, restrict the use of auto-forwarding technology to prevent company data being sent to personal email addresses.

Even in times of uncertainty, organisations need to take charge on these critical cybersecurity risks and build resilience to protect, respond, and recover from cyber-attacks. Mazars supports public and private sector organisations of all sizes in their cybersecurity technical and organisational controls, and we can typically carry out these activities remotely.

Risk consulting news

21 April 2025

AI Literacy: A Must-Have Skill for Businesses

Artificial intelligence (AI) is rapidly becoming an integral part of business operations and daily life. Yet, many organisations struggle to fully grasp its potential, risks and limitations.

14 March 2025

Crypto-asset service provider authorisation form

This article delves into the main components of the application form, highlighting the key areas that applicants must address to gain authorisation.

Board Effectiveness Reviews

Providing an independent perspective to help boards identify improvements and reach their full potential.

Dera McLoughlin Partner, Head of Consulting - Dublin

Detailed profile

Consulting

Transforming organisations by aligning people, processes and technology

Cyber security

Build technological resilience so you can operate with confidence

IT consulting

Information is one of the most important assets in any organisation

Cyber behaviour & culture - Mazars in Ireland

Cyber behavior & culture

Most reportable data breaches are a result of human error. By focusing on understanding online human behaviour and an organisations culture, Forvis Mazars can help you to design engaging and practical cyber policies, deliver education and implement effective work practices that reduce cyber risk.