Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Management
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Partners
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social ResponsibilityCSR
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Careers
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Blogs
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
FAQs
We've put together a comprehensive list of frequently asked questions - along with our responses - to the most common GRC and SAP security issues.
3 April 2020

5 tips on staying secure when working from home

In most countries seriously affected by the current global pandemic, governments have forced any organisation that can to implement home working for its employees with immediate effect. With the focus on getting the basics in place quickly to ensure people can continue to work, security measures can often be overlooked - and therefore exploited by cyber criminals and opportunists alike.

 


In this post we outline 5 pragmatic and highly effective steps you can advise your workforce to follow to minimise their security vulnerabilities.  


 

Step 1: Watch out for Phishing

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication, typically through email or text. Cyber criminals are using the current crisis to send communications pretending to be from banks or Government organisations, such as the HMRC, offering loans and grants.  

If you receive any emails or texts of this nature you must validate the information before responding. Check your normal trusted forms of communication from these institutions for consistency and also head over to their official websites, as they often have warnings about this type of activity. 

 

Step 2: Secure your home network

Cyber criminals are constantly looking for weak spots to exploit, and one of the easiest ways for them to gain access to confidential data is through unsecured WiFi networks. The accessing of company and client information via an unsecure and unencrypted Internet connection leaves your organisation vulnerable to a data breach, as hackers seek to exploit security flaws to access your sensitive data.

Your IT team should have set things up correctly from their side, but you need to look at your own WiFi router settings - look for a padlock icon to signify your network is secure. You should also ensure you have changed the default password given to you by your Internet Service Provider - these are commonly used and maybe known to cyber criminals.

 

Step 3: Update everything

Another common vulnerability is that software and devices are not updated - such as smart phones, laptops and tablets. Encourage your teams to upgrade their software to the latest version supported under the company's security policy. It's worth noting that some organisations lag the release schedule for Apple software, though most don’t. Where possible you should activate automatic updating on all your devices.  

Don't forget device updates also apply to digital assistants, such as Alexa and other smart home applications such as light switches.

 


 

Watch the full video: '5 tips on staying secure when working from home' through our COVID-19 Risk and Security Hub

 

Andrew video

 


 

Step 4: Don't share your work device

The use of portable laptops and mobile phones has allowed workers to be more flexible with where they work, making the shift to remote working much easier than it would have been only a decade ago. However, the flexibility that these devices bring all comes with an element of increased risk. If you lend your work devices to family members such as children they can, unintentionally, put your data at risk. It can get deleted by mistake or new applications can be added that aren't safe.

This can result in unexpected yet harmless outcomes - such as the example of the manager who joined a Zoom call with her team and turned herself into a potato! Or much worse, someone could accidentally install malicious software that might steal your data.

 

Step 5: Secure your confidential items

It's easy to forget that your home is not like an office where you can book a meeting room to have a confidential conversation, or where you can lock confidential files away securely. It's important to ensure you follow similar protocols that you would normally adhere to in an office environment. Find a quiet room to have confidential conversations where you cannot be overheard - young children could be listening in and unknowingly share confidential information on social media, so you should always be cautious. 

 

The infographic below provides a quick reference for your teams to follow. If you'd like to watch our short video that provides more details on each of these steps, just visit our COVID-19 Risk and Security Hub.

 

TK_Infographic70420-min (1)