home working cybersecurity tips

Enjoying the many virtues of living and working in a digital age means keeping your wits about you; avoiding a panoply of cyber threats from malware and spam to extortion and theft.

And so it is with the situation that many customer service pros find themselves in: being tech enabled to work from home just as productively as in the office, but with the certain knowledge that this exposes you to greater cyber risk.

Why the humble customer service agent is a target

Customer service agents are entitled to wonder why “little old me” is going to be of any interest to a hardened cyber attacker on the lookout for lucrative prey. The answer lies in recognizing that all the big, juicy targets are well defended from all-out assault and that home workers represent a convenient (and sadly, far easier to exploit) stepping stone to penetrating the employer organization. It’s the difference between blasting their way into a bank through the front door versus finding sneakier ways to slip inside undetected.

So here are 5 ways you can stop cyber risks getting in the way of delivering great customer service from home.

1. See cyber vigilance as a team effort

Your company culture is priceless because it binds people together – wherever they are working from – to follow shared goals and values. It makes perfect sense to make cyber safety part of that culture because it helps protect colleagues, customers and the business itself.

Just like great customer service culture, great cybersecurity culture can’t survive in a vacuum. Everyone needs to buy-in, and it’s just as important to have support from customer-facing employees as it is from the Board. There can be no “cyber risks don’t impact our department” or “…have nothing to do with me.” Help and learn with each other as a team.

2. Establish some basic cyber hygienes at home

We’re not going to get too technical here and, besides, the more specific advice will depend somewhat on whether you use a company-provided laptop/device or your own machine. What’s important is to instigate a basic level of cyber-hygiene in your home so that your work will not be affected. So, things like:

  • Changing default passwords and updating them regularly. Very important for your Wi-Fi router. Hackers know ALL the default factory passwords that manufacturers use and will use this to get onto any connected device, install harmful software and potentially go onto the internet posing as you.
  • Keeping software patches up to date. People often disable their auto-updates to avoid slowing down their computer, but this is dangerous. Fresh security updates patch holes that cybercriminals can exploit. The race is on so you really need to update your machine as soon as possible.
  • Running good antivirus software. Some people don’t have antivirus at all, or don’t keep it updated. Make sure yours is. Another good idea is periodically running a system scan (most antivirus products have this function).
  • Utilizing spam filters. It doesn’t matter if it’s your work or personal email, spam is bad news both for the nuisance factor and – especially – for harboring malicious links and attachments.
  • Being careful attaching other devices to your computer. If in doubt, don’t do it. Make sure you 100% trust the USB thumb drive etc. you connect your computer to – don’t use free ones you find in a drawer or receive in the mail.

A happy by-product of this work is that the whole household can benefit, not just your work and the devices you use to do it.

3. Educate yourself

Even businesses with strong cyber defenses and policies in place are still vulnerable when users do the wrong thing. Ideally your employer will operate a structured education program that fosters maximum cyber awareness, thus increasing vigilance to the latest kinds of threats.

The most devious attacks are often the simplest and most low-tech. For example, phishing emails that have been spoofed to come from a colleague or a customer can be hard to spot, but there are ways to do it and even test yourself with real examples. So-called ‘social engineering’ attacks (basically con tricks) often use a combination of fake emails and fake phone calls, so learn how to spot these too. And remember that scammers aren’t always after money – little snippets of personal information might be all they need to commit their crimes.

4. Flag your suspicions

Humans might be more falable than machines when it comes to cyber attacks, but we’re very good at applying context and identifying unusual patterns. So trust your gut instinct when something doesn’t seem quite right, and act upon it by escalating the issue with your line manager or IT team.

Data breaches from successful cyber attacks cost an average of $116m and can damage brand reputations irreparably. Flagging suspicions supports the learning and improvement of other agents as well as the organization as a whole, even if it turns out to be a ‘false positive’. Culture is again important here – people who feel blamed for ‘wasting people’s time’ raising a risk are less likely to raise them again, even when they prove correct.

5. Don’t trust “I am who I say I am”

You might wonder what negative effect all this hyper-vigilance risks having on your standards of customer service. For example, what if treating a bona fide customer enquiry like a potential criminal sting gives them a poor experience (and squashes your metrics)?

Turning this negative into a positive is all about how you communicate with customers. Ultimately, you need to get across that you are doing this for their benefit. For example, emphasizing that you value their personal information when deciding to double-check their identity.

The toughest test is the colleague or customer who isn’t who they say they are. For example, a team member who asks you to forward a sensitive piece of information. Or a customer with a compelling reason for wanting their refund routed to a different bank account then they paid from. Even businesses that routinely use authentication checks and one-time passwords must be careful that their staff aren’t lulled into a false sense of security.

People are often the weakest link in cybersecurity, they can also be your strongest ally when sufficiently streetwise, savvy and equipped with knowledge. Yes there are strategic technological solutions that businesses must put in place to counter attacks on remote workers, but at least as important are the little things that individual team members can do to keep themselves safe; thereby reducing risks to customers, colleagues and their employer.


Get feedback from your team to see how they are getting on working from home, use Customer Thermometer’s simple pulse checker – try it free here: