75% of UK workers will be job hunting this January (according to Reed). With many workers pondering new year career resolutions, as a business, you might also be welcoming new starters into your office (or even remotely).
Recent research showed that UK workers are still going into the office (an average of 1.5 days a week), so you must lay down the basic policies and instructions for any new employee.
Cyber Security Guidance specific to office-based employees
Implement Security Policies - Manuals, IT Guidance, Confidentiality (or Non-Disclosure) Agreements
Provide them with physical security access - Keycard, Parking pass, etc
Set up their account access - websites, social media accounts, software, Slack, Canva
Device setup - Laptop, account, GDrive access
Ensure firewalls and anti-virus software are enabled
Give them password guidance & access to your password manager
Show them how to store physical and digital files
Tell them how to share sensitive data with colleagues
Ensure they know how to lock their computer and desktop
Do they know what to do if they receive a phishing email or are the victim of a cyber attack?
Do they need to know their role in your company's Cyber Incident Response Plan?
Guidance specific to Remote / Hybrid Workers
With the growing trend of companies having employees who work 100% remotely or spend a couple of days in the office, you must make employees aware of the security risks they may face. So here are some of the questions you should ask any new hires.
Are they suited to working from home or working remotely? What do they need?
Do you have a policy on home working / remote working / BYOD?
Ensure employees do not use personal social media or eCommerce accounts on work devices.
Make sure employees have account access across multiple devices
Ensure they're aware of your Password Manager
Setup with your company VPN
Recommended when they can/can't work away from home and how to secure themselves in remote environments (cafes/airports/hotels)
What policies should be covered by employers with employees?
Businesses can implement as many policies as they like but they must cover anything relevant to your company and your processes. To help you get started, here are five policies that every business should implement with employees.
Cyber Security Policy
The more we rely on technology to collect, store and manage information, the more vulnerable we are to security breaches. Human errors, cyber-attacks and system malfunctions can cause financial damage and may jeopardise your company's reputation.
A cyber security policy outlines your guidelines and provisions for securing your data and technology infrastructure.
Anti-Virus / Anti-Malware Policy
An Anti-Virus policy aims to promote the use of anti-virus and anti-malware software. Employees should be educated about the Policy and given directions to ensure all legal regulations are followed.
Password Policy
Hacked passwords are among the most common causes of data breaches, and it's not surprising when people set weak passwords such as '123456' and 'Password'. Businesses should mitigate this threat by creating a password policy that outlines specific password creation instructions.
Device Usage Policy
This Policy explains your company's rules on using work devices and personal devices used during work hours and when working remotely.
Work From Home (WFH) / Hybrid Working Policy
Working from home needs to be managed carefully, especially with new hires; you must have a valid working-from-home policy. Your Policy should outline what homeworking means and how employees can ask to work from home. In addition, it should outline some of the working-from-home rules that are specific to your business.
Read more about our New Employee Cyber Security Checklist for Employers on our website