Staying cyber secure in a hybrid working environment
As a cybersecurity provider and partner of RIBA, Mitigo understands the issues the new hybrid working models pose for architectural practices. Below they answer some frequently asked questions around keeping your business safe from cyberattacks.
Like many practices, we continue to have some staff working from home, and we expect to continue with a hybrid working model in the future. Why does that increase our risk of a cyber breach?
There are a number of reasons. Firstly, staff tend to behave differently in a home-based environment and may let their guard down. Cybercriminals know this, and actively create new phishing attacks all the time, to exploit a lack of training or inadequate policies and procedures.
In addition, there are important centrally run technical controls that do not operate effectively when staff are working remotely. Laptops and other devices used remotely require a different technical configuration which, if not done correctly, leaves them vulnerable. Finally, and crucially, remote connections back to the office network are rarely configured securely, and this is now a common Achilles heel.
So how can our staff help to keep us safe?
Wherever your staff are based, one of the biggest vulnerabilities lies in the day-to-day practices of people. But they can also become an important line of defence. Make sure everyone receives cyber awareness training to help them recognise fraudulent emails, infected videos (usually on social media) and other phishing attacks. Undertake simulated phishing exercises: this is a great way to identify the individuals in your practice who may be vulnerable, and for whom more training is required. You should also have the right policies in place to fit the way you are working, with checks and controls to ensure that staff are complying with the rules.
How should we secure remote devices?
There is a whole host of things to consider here. Make sure your anti-virus application is completely up to date and configured to proactively scan the device, attachments and downloads. Re-configure machines to update their operating systems independently (in the absence of central management). Think about whether your remote working interferes with the effectiveness of your backups, and reconfigure them accordingly. Carefully review and limit administration rights and access, so that you limit what any “intruder” can reach and damage. Enable encryption (without exception) to protect against a lost machine, and think carefully about where to keep the encryption recovery keys.
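As an added example (not Mitigo's or RIBA's own material), the following PowerShell script gives a read-only pass/fail audit of the device controls just listed on a Windows 10/11 laptop. It assumes an elevated session with the built-in Defender and BitLocker modules available; the 3-day, 45-day and two-administrator thresholds are illustrative choices, not figures from the page, and backups are left out because the check depends on the backup tool in use.

```powershell
# Added example: read-only audit of the remote-device controls above.
# Assumes Windows 10/11, elevated session, Defender and BitLocker modules present.
$findings = @()

# 1. Anti-virus: enabled, real-time scanning on, signatures recent (3 days is an assumed threshold).
$mp = Get-MpComputerStatus
if (-not $mp.AntivirusEnabled)          { $findings += "Anti-virus is disabled" }
if (-not $mp.RealTimeProtectionEnabled) { $findings += "Real-time scanning is off" }
if ($mp.AntivirusSignatureAge -gt 3)    { $findings += "AV signatures are $($mp.AntivirusSignatureAge) days old" }

# 2. Operating system updates: not disabled by policy, and something installed recently,
#    which catches a laptop that has drifted away from central management.
$au = Get-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' -ErrorAction SilentlyContinue
if ($au -and $au.NoAutoUpdate -eq 1) { $findings += "Automatic updates are disabled by policy" }
$lastFix = Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 1
if ($lastFix -and $lastFix.InstalledOn -lt (Get-Date).AddDays(-45)) {
    $findings += "No update installed since $($lastFix.InstalledOn.ToShortDateString())"
}

# 3. Administration rights: surface every local administrator so unexpected accounts stand out
#    (two members, the built-in account plus one managed admin, is the assumed baseline).
$admins = Get-LocalGroupMember -Group 'Administrators' -ErrorAction SilentlyContinue |
          Select-Object -ExpandProperty Name
if (@($admins).Count -gt 2) { $findings += "Local Administrators has $(@($admins).Count) members: $($admins -join ', ')" }

# 4. Encryption: every volume protected, and a recovery password protector present so the key
#    can be escrowed centrally rather than living only on the laptop.
foreach ($vol in Get-BitLockerVolume) {
    if ($vol.ProtectionStatus -ne 'On') {
        $findings += "Drive $($vol.MountPoint) is not encrypted"
    } elseif (-not ($vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')) {
        $findings += "Drive $($vol.MountPoint) has no recovery password protector"
    }
}

# Report: one line per gap, so the output can be collected from each home worker's machine.
if ($findings.Count -eq 0) {
    Write-Output "PASS: remote-device checks satisfied on $($env:COMPUTERNAME)"
} else {
    Write-Output "FAIL on $($env:COMPUTERNAME):"
    $findings | ForEach-Object { Write-Output " - $_" }
}
```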
How do we secure the connections from home workers back to the office?
This can go horribly wrong if done incorrectly. Our advice will vary dramatically depending on your business processes, your IT setup and the third-party software you rely on. It is a complex area, but points to consider include:
- remote connection software must be kept at the latest version to protect against known vulnerabilities;
- where possible, only allow work (rather than personal) devices to connect, and only after they have been correctly configured. Allowing home and personal computers to connect to your secure network massively increases risk; and
- strong authentication is absolutely crucial, e.g. multi-factor authentication on Office 365. Applications where you log on via a web page should have something stronger than just a password. If you must rely on a password, make sure it is strong and unique (not shared or reused), and definitely do not store it in plain sight.
Thank you to Mitigo for providing these useful answers on how businesses can ensure cybersecurity in hybrid working arrangements. View the full service offer on our technical security page. For more information contact Mitigo on 0161 88 33 507 or email riba@mitigogroup.com.