annabel
Staying Safe Online | annabel’s Top Tips
During lockdown, the annabel team took part in a power hour hosted by our IT partner, Informal IT, on the theme of staying safe online particularly when working remotely. This is something which will continue to be at the forefront of the operational agenda for small businesses as we navigate the “new normal” and so wanted to share the learnings from this session with you.
“Computer says no”
Whilst we may not like to admit it (particularly us uber-professional Private Assistants!), 9 times out of 10 it’s not the computer that is having issues it’s the person in front of it. To mitigate human error and exposure to cyber risks, it is essential that we optimise our environment to avoid physical and mental fatigue and the number one issue for work-from-homers; postural problems.
"Size really does matter"
Invest, where possible, in:
- Big ergonomic chairs
- Big screens (preferably multiple screens) set at the right height so that you are not looking down (our heads are way too heavy for the cranial spine region to support)
- Big enough keyboard to type comfortably (believe us; we know about these things)
- Keeping your feet firmly on the ground (even if googling pictures of Paul Mescal)
- Correct ambient lighting
Top Tip
You wouldn’t spend time fatigued at the car wheel so don’t spend time fatigued at your computer. If you do feel tired, write the email message before you populate the address field to give you a chance to review.
“Pardon, say that again”
Overhearing credit card details on the train; private conversations from neighbours’ gardens or in Starbucks on the table next door …just be aware of who is around you. We strongly recommend purchasing a privacy screen and, having tried and tested with the team, it really does make all the difference and at an affordable price too.
Also, be aware of where you are. Don’t sit with your back to the window in a public place as people can walk past and see your screen. Ensure you have a default screensaver setting activated even at home if you leave your laptop unattended for any period of time...and yes, we all know how easily it is to get distracted (children, washing machine, deliveries etc.) but a little bit of info goes a long way in the wrong hands.
Top Tip
If you do think you have been the victim of a cyber crime; report it to the website owner; company in question; and the Internet Service Provider – sites usually get shut down within 2 hours.
"The techy bit"
Whilst we may not have the time or technical prowess to fully digest the CIS (Center for Internet Security) Critical Security Controls Rapid7 Compliance System; the backbone of all good risk management systems, our friends at Informal IT have dissected the guidance into bite-size chunks which are easily consumable for both sole traders and small businesses:
If there is one bit of advice to take-away from this article then this is it….make sure you know exactly WHAT IS ON YOUR COMPUTER; you won’t ever be able to effectively deal with the consequences of a data breach (hacking, virus, theft, phishing attempt etc.) if you don’t know this fundamental information.
As a safety net; all client data needs to be fully encrypted (both backups and on laptops) and the encryption key safely stored away.
Be very wary of using public wifi; tether your phone or use a dongle; hackers are less likely to intercept cellular data than wifi.
We all know the best practices when it comes to password management but do we actually follow the rules (come on be honest); set up 2FA on as many of your accounts as you can; use a password manager and; important sites (banking; personal social media; client portals) should have separate and different passwords which are changed regularly. Think about what constitutes a good pass”phrase” as opposed to password; trust us, they are so much easier to remember and allows for a bit of creative amusement too!
Top Tip
Sign up to haveibeenpwned with all your email addresses to see if your email address(es) appear on any list of credentials which are being harvested by known cyber criminals. If so, change your password ASAP together with other sites which may share the same credentials.
Ensure backups are encrypted and are safe (fireproof safe / in the care of a close family member) Don’t think that everything in the cloud is backed-up – yes it’s replicated but this is not the same thing. Back-up is offline, cold (out of the way) and secure (encrypted).
When WFH and managing a continual stream of Zoom calls, it can be very tempting to share your screen (especially if you are very proud of yourself for working out how to do this!) – before you do share though check what other tabs on your excel spreadsheet are open or (embarrassing) windows on Chrome…minimize everything or specify an application if using Microsoft Teams.
Consider installing browser add-ins to your browser(s) to block pop-ups; automation and external links unless your specific authorisation is given or use different browsers for visiting different sites depending on their familiarity and know level of security.
Don’t use a USB unless it’s given to you by someone you’d share a toothbrush with…yes seriously.. and if you are travelling to Italy, Brazil, China, as well as some parts of the US, invest in a USB data blocker; it goes between your phone / laptop and the power source and blocks all the data pins only allowing power through.
As well as ensuring all your hardware and software is automatically updated remember to keep your anti-virus updated too. Run your devices as a user rather than an administrator and have User Access Control set at a level where it will prompt you before installing anything.
Stay safe everyone (online and offline!) and always remember do not click if you are not 100% confident of the source.
