Our use of cookies

We and our partners use necessary cookies for the functionality of our website. We would also like to set optional analytical cookies to help us improve the way our website works. These analytical cookies enable us to personalise adverts and content based on your interests, measure the performance of adverts and content and derive insights about out audiences. We will not set analytical cookies unless you enable them.

No personal information is stored in these cookies but if you wish to ensure that no cookies are created on your computer, then you are free to use your web browser’s setting to turn off cookies.

By clicking “accept” you agree to such purposes and the sharing of your data with our partners.

You can find more in-depth information and manage your consent at any time by visiting the Cookies policy page.

Analytical Cookies

We would like to set Google Analytics cookies to help us to improve our website by collecting personal data, such as IP address and cookie identifiers and report information on how you use it. For more information on how these cookies work please see our ‘Cookies policy’. The cookies collect information in an anonymous form.

Necessary Cookies

Our necessary cookies enable core functionality such as security, payment, network management and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

By now, many of us will be settled into working from home, which looks set to become our new normal for the foreseeable future. Workers across the world are not the only ones readjusting quickly, with the cybersecurity threat responding at lightning speed.

The early stages of the outbreak saw an increase in the number of phishing scams targeting people’s fear of coronavirus and linked malware to offers of cures. Now, cybercriminals are targeting those new to remote working with personal data at higher risk than ever before.Even before the control measures for coronavirus were implemented, there was a sharp rise in the number of high profile cyber-attacks, with Boots Advantage Card and Tesco Clubcard experiencing data breaches in the same week.

Since the rise of coronavirus cases in Europe, a Czech hospital was targeted by ransomware, which is expected to be a sign of things to come.

Individuals and endpoints are the targets

Individuals are the favoured target of cybercriminals, which is why the security of devices and the training of end-users is critical. The pressure of working in a different environment with new technology may mean end-users are not as alert to suspicious emails and websites as they would be under normal working conditions. Attacks are mimicking software such as Zoom and Sharepoint, taking advantage of the lack of face-to-face verification of approval requests.

Actions you can take

  • Remind employees what to look out for and the importance of staying alert. Keeping employees informed on the latest examples of attacks, the tell-tale signs of a phishing scam and even running simulations, will help employees understand what to be wary of. Up-to-date training and ongoing refreshers are critical.
  • Review and update your Data Protection and Information Security policies – are they still appropriate for your new working practices or do other controls need to be implemented, such as Data Loss Prevention tools? Are you able to check that employees aren’t cutting corners and sending information through unsecured channels?
  • Review and update your internal policies on homeworking and Bring Your Own Device. Make sure people understand the risk of information being accessed by others in the household or the threat of theft if devices or information are not secure. Additionally, ensuring that personal devices are not transferring company and personal data.
  • Ensure you have internal checks in place whereby your IT team can verify the suitability of an employee’s device and working environment (including secure wifi access).
  • Make sure that your key data processors are also handling data securely in their business continuity arrangements. Remember that as a Data Controller, you’re responsible for ensuring personal data is handled securely throughout your processing chain.  Therefore, it’s essential to check the information security controls they are using while working remotely through updated due diligence.

Omni is ISO27001 Information Security certified covering all Recruitment Outsourcing and Consultancy Services. Omni’s proprietary recruitment software, Appellia, is also covered by this certification with multi-layers of security and this continues to be the basis of Omni’s service delivery model for our recruiters and clients alike throughout this period. For more information, contact our team today.