*Reassuringly dull cyber security e: info@normcyber.comt: +44 (0) 203 855 6215

Home working tips – Speedy, simple and free

Home working

A Cyber Security Article

Published: 02/04/2020 Last Updated: 02/04/2020

The current Coronavirus pandemic means that many organisations are now enforcing home working practices for the majority, if not all, of their employees. While this is an important social distancing strategy in delaying the spread of the virus, for some companies home working is a completely new way of operating.

The speed at which government restrictions have come into force also means that a lot of organisations have struggled to ensure that users are adequately set up to work from home – both in terms of equipment and tools, and from an education and awareness point of view.

There are many reports of cyber criminals and hackers trying to exploit the Coronavirus outbreak in order to perpetrate attacks. Phishing is the most common attack type, due to the almost limitless social engineering possibilities. Emails with a subject line containing “Coronavirus” or “Covid-19” are sure to pique the interest of most users.

Home working brings many security challenges, and in an ideal world companies would have adequate time to deploy effective cyber security solutions and educate their users. This is far from an ideal world, and comes at a time when most businesses should be focusing on core operations and supporting customers.

For businesses who suddenly find themselves operating in a remote and virtual world, and for whom this may be unchartered territory, here are our quick cyber security tips to help ease the transition.

User education: by far the most effective strategy is to educate users to remain vigilant and follow cyber security best practices at all times. Online cyber awareness training and simulations for certain attack types such as phishing are available, but come with a cost. However, there are a number of resources available free of charge, and measures you can take yourself:

  • Tip sheets and quick guides are available from organisations like StaySafeOnline, powered by the National Cyber Security Alliance.
  • You could also consider running webinars and virtual drop in clinics for employees to ask questions.
  • Make sure there is a mechanism in place for employees to report suspicious emails and potential cyber security incidents – if they accidentally uploaded a sensitive document to a Cloud-based app, you want to know about it!
  • Instil a ‘no blame’ culture – the key here is openness. If your users feel they may be penalised for a security breach, chances are they won’t report it

Technology and devices: More than ever before, the lines between corporate and home-owned networks and devices is being blurred. More than ever before, the perimeter of your network resides with the user and their devices. Here’s a few quick and easy recommendations to help make sure that your data, devices and users stay safe – wherever they are.

  1. Ensuring that anti-virus and other security software is installed and fully up to date.
  2. Make sure Wi-Fi connections are secure – that means changing the network’s default name and choosing a strong password.
  3. Your users might also want to consider having a separate network for home and corporate devices.
  4. Always connect to the corporate network via a VPN or other secure network connection.
  5. Only use approved devices and applications for work-related activity.
  6. Back up files regularly.
  7. Lock your screen if you use a shared workspace in the home.
  8. Restrict access to the devices you use for work, ideally keep them with you or lock them away when not in use.
  9. Don’t allow friends, family or toddlers (!) to use your work devices
  10. Always think before you click on an attachment or link in emails and messages. Particularly if they reference Coronavirus or Covid-19. Even if the message appears to come from a colleague or someone you know, exercise caution!

The truth is that all of the above measures apply to home and remote workers at all times. We may be operating under unprecedented conditions right now, but this too shall pass. And when it does, the rules of staying safe online won’t really have changed, and they will be just as relevant then as they are now. So perhaps one slim silver lining to this cloud is that cyber security will get the recognition it deserves, at all levels of the organisation. And that is no bad thing at all.

To find out more about how norm is helping organisations to manage their home workforce in a secure and hassle-free way, please click here.

To register for upcoming webinars on this topic, and access our archive of past webinars, please visit.

Appointing NormCyber as our virtual DPO has given Ferrero the best of both worlds – access to data protection experts who understand what we stand for as a business, without the hefty overheads usually associated with appointing an in-house DPO.

Harpreet Thandi
Regional Counsel, UK & Ireland, Ferrero

We were looking for a virtual DPO service that offered all of the benefits of a fully qualified data protection lawyer, without the overheads of an in-house hire. The DPaaS solution from norm. has been invaluable in helping us to ensure we respect the integrity of our customers’ personal information, while using it to continue to deliver differentiated products and services which support our growing customer base.

Mike Whitfield, Compliance Manager

CSaaS allows me to step away from multi-vendor management as the Security Operations Centre coordinates all of the technology for me.

David Vincent, CTO

We were in the market for an independent Data Protection Officer service that was well versed with both UK and EU regulators. We’re thrilled to have acquired this service knowing that an expert is available 24/7.

Suzanne McCabe, Head of Project Management
James Hambro & Partners

Norm’s penetration testing layer, along with the suite of CSaaS modules has enabled MA to exceed all its audit requirements for its major clients.

Rob Elisha, ICT and CRM Manager
Montreal Associates

The speed of your Data Protection Officer’s response was very impressive – it was far quicker than I would have expected even from an in-house DPO

Will Blake, Director of Technology and Analytics
CRU Group