fbpx

Keeping your Team Safe During the Festive Season

The festive season is a time for celebration with family and friends, it is however also a peak time for cyber criminals. Each year cybercrime ramps up drastically during the holiday period. They aim to exploit the distractions caused by this time, including the fact that some staff may still need to work remotely. Here we will touch on some of the things you and your Team can do to protect themselves during the festive season. While these will be focused on the festive season, these tips will benefit you and your team all year round’.

Being aware of holiday-themed scams

With many staff members having emails on their phone, they are likely to be checking them during the festive season. Even during holiday closures. Phishing emails are still one of the most common entry points for threat actors. Especially during the festive season warn employees about fake emails which may be impersonating delivery services, holiday deals, fake invoices or charity requests.

These kinds of phishing emails commonly contain malicious links, encourage scepticism toward links in unsolicited emails or messages and create a culture of always verify. Many attackers will try to bypass security using QR codes. Encourage your teams to never scan a QR code from an email. Some of the common Phishing links during this time can include fake AusPost emails and SMS. Be sure to forward any emails you are unsure about to your IT Team.

With reduced staffing in offices threat actors may also try to use social engineering to trick staff into giving up company information or changing customer details such as bank accounts over the phone. Remind employees that cybercriminals may use a ploy related to the holiday season to gain trust and manipulate them into sharing sensitive information.

Securing devices when working remotely

With staff working remotely, its important to ensure they do so securely. Your IT partner should have these controls in place year-round. If your company uses a VPN or Zero trust layer to access resources, it’s important to ensure this is enabled when working remotely.

Physical security is also important, ensuring devices are locked when in public or at home. This avoids threat actors in public, but also accidental loss from children or other family members using the device for non-work activities. Your IT should also have set a short timeout when walking away from your device.

When using devices remotely your team should avoid using public Wi-Fi, especially networks that don’t need a password to connect. Instead try to use your mobile hotspot as a trusted connection when out and about.

Its also important that staff do not login or register personal devices to the company network, accounts or emails. Unless the business has specifically approved this. These devices are unmanaged by your IT and you have no control over the security of the device.

You should avoid allowing staff to use personal data storage such as personal OneDrive’s or Dropbox, to ensure you company data remains within company control. This is likely already a policy you have however its important to reinforce to ensure standards don’t slip over the festive season.

IT Support during the holiday period

During the festive season, its important for your teams to know how to contact IT for urgent or pressing issues. While many businesses close over this period, IT teams will likely have someone on call who is also keeping an eye on alerts. Verify with your IT partner their preferred contact method for this period.

Now can also be a good time to refresh your team’s cyber security training. If you use security awareness training, it can be a good time to send some pointed refresher videos or guides.

Wrap Up

The holiday period can be a busy and stressful time for everyone. By spending a little time considering your Christmas closure plan, you can ensure you and your team have a safe and happy holiday season. Your IT partner can also work with you to plan and prepare, and that’s exactly what we do at FordhamIT. We partner with our clients to take the stress away from their IT and Cybersecurity. If our article has brough up any questions for your business, get in touch and we’d love to help.