The Euro 2016 football tournament, hosted by France, brings together 24 teams for 51 matches. Millions of fans will be watching the games in stadiums and at public screenings. Being a popular sport to watch in the Middle East, some employees have taken to working from mobile devices while watching a game with fellow supporters. The IT security risks of such behavior are immense. Neither employers nor employees may be fully aware of or prepared for just how vulnerable they are about to become.
To help everyone keep important business data safe, regardless of where they are, Kaspersky Lab has drawn up a short essential guide:
10 things remote-working fans can learn from the players on the pitch
- Take responsibility for your own performance: A recent Kaspersky Lab study into ransomware found that less than 4% of adults in the US would mind if work documents on their device were lost through cybercrime, while 77% would panic if they lost financial info. Indifference doesn’t lead to secure behaviour. If you are planning to work on the move, you need to feel responsible for the safety of the business information you
- Everyone is watching you: Logging into a device where anyone can look over your shoulder and make a note of your password or the work you’re doing – so-called ‘visual hacking’ – makes it easy for others to break into your device or steal information. Keep your data to yourself.
- Keep your eye on the ball: Phishing and ransomware emails look increasingly convincing and can even appear to come from a colleague. If the message is unexpected, contact the sender directly, and never click on an attachment or a link in an email from someone you don’t know.
- Don’t reveal your game plan: Don’t transmit anything unless you know it’s encrypted. With WhatsApp and Apple’s iMessage service now encrypting communications end-to-end as standard, email is rapidly becoming the most vulnerable form of business communications. Use the most secure channel you have access to.
- Beware of man-in-the-middle attacks: Using a free, public Wi-Fi network to stay in touch with work is extremely high-risk. An attacker can easily insert themselves into the network and spy on or intercept all your communications. They can do the same between an email and your business server. End-to-end encryption prevents this – so if you don’t have it, don’t email till you’re somewhere secure or use a VPN (virtual private network).
- Prepare for the worst: Employers unprepared for the sudden increase in remote working may not have the most appropriate security installed on work devices, let alone employees’ personal devices. If it’s too late to get this installed, then at the very least don’t leave home without the most up-to-date version of device software installed. Mobile devices are not immune to cyberattack: in 2015, Kaspersky Lab prevented nearly three million attempts to infect mobile devices with a Trojan.
- The referee can make mistakes: Websites, network service providers, operating systems do their best to provide protection or alerts. However, the baddies are increasingly cunning and if there’s a point of weakness, they’ll find it. Confine your remote work to things that are not business critical or sensitive.
- But don’t blame the referee for all mistakes: Sometimes things go wrong; devices get broken, lost or stolen, or affected by malware or ransomware. The best thing to do is to come clean and let your IT department know immediately so they can take appropriate steps, such as blocking or remote-wiping the device, or isolating the malware before the infection takes hold.
- Don’t make victory easy for the other side: Cybercriminals generally prefer the path of least resistance. Solid security, security updates, a hard-to-crack password, the use of the latest software, a business VPN and encrypted communications all make it harder for an outsider to gain access to your device and business information.
- But don’t expect to win without trying: Kaspersky Lab has found that only around half (53%) of consumers make use of the security features that come with their device. To stay ahead of the hackers, you need to get to grips with these security essentials. It’s about focus and commitment, supported by the right equipment. Just like football.
“Euro 2016 should be a celebration of football for fans the world over to enjoy. Sadly, occasions where people are more relaxed about device and data security can quickly become a happy hunting ground for hackers. Cybercriminals won’t hesitate to pounce on an under-protected football supporter trying to work remotely. A few basic precautions before, during and after the match will help employers and their workforce to stay safe – leaving them free to enjoy the glorious spectacle of sport,” said David Emm, Principal Security Researcher, Kaspersky Lab.