As millions of people across the United Kingdom are now working from home amid the COVID-19 pandemic, a top information technology (IT) banking expert strongly “recommends” taking extra precautions to ensure confidential documents remain secure.
Dave Wickham, who heads up the IT department at Redwood Bank—the UK’s first challenger business bank to be completely “born in the cloud”, believes companies should introduce new security processes to protect themselves amid this new way of working.
He has more than 18 years’ experience working within the IT sector and has extensive practical knowledge of complex system builds, hardware and software, network and technical support.
Working from home often leads to users working in a different manner, and with that in mind, Dave and the rest of Redwood’s technology team have compiled five steps that can be used to help avoid making cyber-related mistakes.
- Maintain regular working hours, but plan breaks to avoid making errors.
- Be aware of your surroundings. If working around others, try to designate a workspace to reduce the likelihood of distractions and potential data compromise.
- Ensure your home setup is secure; for example, make certain your router has a secure password and firewall switched on. Don’t connect to unsecured WiFi. Connect to your mobile phone’s personal hotspot rather than free, open WiFi networks.
- Internet speed may take a hit with everyone in the area working from home. Exercise patience when sending and receiving large files.
- Mobile providers will also likely be affected. Consider alternative solutions such as Skype, Microsoft Teams, Zoom.
Since its inception, Redwood Bank has invested heavily in technology and partnered with Microsoft to deliver a secure service, via a completely internet-based IT system.
Dave said, “Being a challenger bank based in the cloud means security is crucial to our business. We just cannot allow our systems to be compromised in any way. With millions of people working from home as the country experiences the COVID-19 lockdown, I strongly recommend that extra precautions are taken to ensure confidential documents remain secure.
“Employees should follow their data-protection policy, which will be different for each company, and all confidential documents should be stored on a centralised, secure digital platform, such as a file server or SharePoint. Documents should be classified as ‘confidential’, and policies should be in place to ensure these aren’t accidentally or intentionally leaked. Businesses could also consider putting restrictions on certain documents to prevent them from being printed. It is important to ensure widespread training and awareness across the business as soon as possible. We also recommend that staff keep family members away from work devices and keep them locked or shut down when not in use. Only use encrypted WiFi for business such as WPA2 (Wi-Fi Protected Access 2), which is not perfect but is currently the most secure choice.
“If you need to access resources, such as servers, that live at your company’s location, use a VPN (virtual private network) to connect to your office network. A VPN creates an encrypted tunnel for your network traffic to flow through and makes it harder for others to intercept your traffic. If you aren’t sure if your company offers a VPN, or how to connect to it, check with your IT support person.”
Communication amongst teams is essential when there is no central meeting point, so Dave suggested using Microsoft Teams, which allows a large number of people to join. They can also share videos, audios, files and screens.
He added, “Keeping the dialogue open between teams and clients is especially important when working remotely, as it requires communication using technology as opposed to face-to-face. We utilise Voice over Internet Protocol (VoIP) telephone technology and Microsoft Teams to communicate across the business and with our clients.”
Redwood Bank’s innovative approach to technology has already been recognised, with the bank having previously picked up the Best Use of Cloud category at the Banking Technology Awards in 2018; and just last year, the team made the final shortlist in the Best Use of Technology category at the Inspiring Hertfordshire Awards.
Dave explained, “Technology and security are what we do best. We have a layered, defensive security approach, which includes strategies focused on technology, people and processes throughout the organisation, but there are many companies out there that won’t be as protected as Redwood is. That’s why it’s so important to take as many precautions as possible. It’s not too late to introduce some cybersecurity solutions and demand stringent safety measures from all suppliers. Establish some basic security practices to protect sensitive business information, and communicate them to all employees on a regular basis.
“Lay out some rules of behaviour, so all staff know the correct way to handle and protect customer information and other vital data. Passwords are another important aspect to consider. Redwood follows the NCSC’s (National Cyber Security Centre’s) guidance here and would recommend passwords that consist of three random words.”
Dave also suggested that people at home should “avoid the temptation” to use unapproved tools or store data outside of company resources. He also warned against phishing emails, which have become commonplace now and are used to extract personal data from people that is then used for criminal activity.
He explained, “Never click an attachment you weren’t expecting, even if it appears to be from somebody you know. Always best to check back with that person to make sure the attachment is legitimate before you open it. If you get an email asking you to sign into a site, open a new tab in your browser and type the URL in yourself, rather than clicking a link in the email.”
Gary Wilkinson, chief executive officer and co-founder of Redwood Bank, added, “As a cloud-based bank, Redwood is designed for all employees to be able to work securely from anywhere, so we have been able to implement the working-from-home advice very swiftly. We’re taking the current global COVID-19 situation extremely seriously. The health, safety and well-being of our staff and customers are at the centre of everything we do. However, even though we’re all working from home to adhere to the social-distancing rules, it’s very much business as usual for Redwood.
“At the moment, there is a lot of uncertainty. People are unsure how long this partial lockdown will last and what this means for business, not to mention the huge implications COVID-19 may have on our health. We would like to take this opportunity to reassure our customers that our working measures remain completely secure, and we are confident that there will be minimal—if any—disruption to their banking services.”
Founded in 2017, Redwood Bank was launched to offer secured SME (small and medium-sized enterprise) lending products to owner-occupied businesses as well as to experienced commercial and residential-property investors. It funds this lending by offering market-leading savings accounts to businesses, charities, clubs and associations.