News
COVID-19: Sophos shares five tips on how remote workers can stay cybersecured
BY: Sandra Ani
Following the Federal and State Governments directives that businesses in Nigeria should adopt measures to curtail the spread of Coronavirus many if not most organisations have already crossed the “working from home”, or at least the “working while on the road” bridge.
Therefore, the global concerns over the current coronavirus (Covid-19) outbreak, and the need to keep at-risk staff away from the office, means that lots of companies may soon and suddenly end up with lots more staff working from home
A global cybersecurity Company has also suggested that it is vital not to let the precautions intended to protect the physical health of a company staff turn into a threat to their cybersecurity health at the same time.
“Importantly, if you have a colleague who needs to work from home specifically to stay away from the office then you can no longer use the tried-and-tested approach of getting them to come in once to collect their new laptop and phone, and to receive the on-site training that you hope will make them a safer teleworker”, Principal Research Scientist Sophos, Paul Ducklin, said while stressing that organisations are now in need to set remote users up from scratch, entirely remotely, something some have not done a lot of in the past.
Ducklin went ahead to list five tips for working from home safely:
1. Make sure it’s easy for your users to get started:
“Look for security products that offer what’s called an SSP, short for Self-Service Portal. What you are looking for is a service to which a remote user can connect, perhaps with a brand new laptop they ordered themselves, and set it up safely and easily without needing to hand it over to the IT department first.
“Many SSPs also allow the user to choose between different levels of access, so they can safely connect up either a personal device (albeit with less access to fewer company systems than they’d get with a dedicated device), or a device that will be used only for company work.
“The three key things you want to be able to set up easily and correctly are: encryption, protection and patching.
“Encryption means making sure that full-device encryption is turned on and activated, which protects any data on the device if it gets stolen; protection means that you start off with known security software, such as anti-virus, configured in the way you want; and patching means making sure that the user gets as many security updates as possible automatically, so they don’t get forgotten.
“Remember that if you do suffer a data breach, such as a lost laptop, you may well need to disclose the fact to the data protection regulator in your country.
“If you want to be able to claim that you took the right precautions, and thus that the breach can be disregarded, you’ll need to produce evidence – the regulator won’t just take your word for it!
2. Make sure your users can do what they need
“If users genuinely can’t do their job without access to server X or to system Y, then there’s no point in sending them off to work from home without access to X and Y.
“Make sure you have got your chosen remote access solution working reliably first – force it on yourself! – before expecting your users to adopt it.
“If there are any differences between what they might be used to and what they are going to get, explain the difference clearly – for example, if the emails they receive on their phone will be stripped of attachments, don’t leave them to find that out on their own.
“They’ll not only be annoyed, but will probably also try to make up their own tricks for bypassing the problem, such as asking colleagues to upload the files to private accounts instead.
“If you’re the user, try to be understanding if there are things you used to be able do in the office that you have to manage without at home.
3. Make sure you can see what your users are doing
“Don’t just leave your users to their own devices (literally or figuratively). If you’ve set up automatic updating for them, make sure you also have a way to check that it’s working, and be prepared to spend time online helping them fix things if they go wrong.
“If their security software produces warnings that you know they will have seen, make sure you review those warnings too, and let your users know what they mean and what you expect them to do about any issues that may arise.
“Don’t patronise your users, because no one likes that; but don’t leave them to fend for themselves, either – show them a bit of cybersecurity love and you are very likely to find that they repay it.
4. Make sure they have somewhere to report security issues
“If you haven’t already, set up an easily remembered email address, such as security911 @ yourcompany DOT example, where users can report security issues quickly and easily.
“Remember that a lot of cyberattacks succeed because the crooks try over and over again until one user makes an innocent mistake – so if the first person to see a new threat has somewhere to report it where they know they won’t be judged or criticised (or, worse still, ignored), they’ll end up helping everyone else.
“Teach your users – in fact, this goes for office-based staff as well as teleworkers – only to reach out to you for cybersecurity assistance by using the email address or phone number you gave them. (Consider snail-mailing them a card or a sticker with the details printed on it.)
“If they never make contact using links or phone numbers supplied by email, they they are very much less likely to get scammed or phished.
5. Make sure you know about “shadow IT” solutions
Shadow IT is where non-IT staff find their own ways of solving technical problems, for convenience or speed.
“If you have a bunch of colleagues who are used to working together in the office, but who end up flung apart and unable to meet up, it’s quite likely that they might come up with their own ways of collaborating online – using tools they’ve never tried before.
“Sometimes, you might even be happy for them to do this, if it’s a cheap and happy way of boosting team dynamics.
For example, they might open an account with an online whiteboarding service – perhaps even one you trust perfectly well – on their own credit card and plan to claim it back later.
“The first risk everyone thinks about in cases like this is, “What if they make a security blunder or leak data they shouldn’t?”
“But there’s another problem that lots of companies forget about, namely: what if, instead of being a security disaster, it’s a conspicuous success?
“A temporary solution put in place to deal with a public health issue might turn into a vibrant and important part of the company’s online presence.
“So, make sure you know whose credit card it’s charged to, and make sure you can get access to the account if the person who originally created it forgets the password, or cancels their card.
“So-called “shadow IT” isn’t just a risk if it goes wrong – it can turn into a complicated liability if it goes right!
Most of all, the Paul Ducklin added, “if you and your users suddenly need to get into teleworking, be prepared to meet each other half way.
“For example, if you’re the user, and your IT team suddenly insists that you start using a password manager and 2FA (those second-factor login codes you have to type in every time)…
“…then just say “Sure,” even if you hate 2FA and have avoided it in your personal life because you find it inconvenient.
“And if you’re the sysadmin, don’t ignore your users, even if they ask questions you think they should know the answer to by now, or if they ask for something you’ve already said “No” to…
“…because it might very well be that they’re asking because you didn’t explain clearly the first time, or because the feature they need really is important to doing their job properly.
“We’re living in tricky times, so try not to let matters of public health cause the sort of friction that gets in the way of doing cybersecurity properly!
Here are other Sophos resources related to COVID-19 that you may find useful:
SophosLabs has uncovered a variety of different malicious email campaigns connected to COVID-19, including:
Phishing scams impersonating the WHO, CDC, and other healthcare organizations to deliver malware via malicious documents disguised as official information on how to stay safe during the pandemic
Cybercriminals impersonating charities and relief organizations like the WHO’s COVID-19 Solidarity Response Fund to trick victims into sending them Bitcoin
SophosLabs is updating its Uncut blog with new findings in real time.
News
Widows, Wives and More than 2,000 Residents of Ikeja Police Barracks Benefit from YP4T’s Initiative
More than 2,000 individuals from the Ikeja Police Barracks community benefited from an impactful outreach program spearheaded by Young Professionals for Tinubu (YP4T), an advocacy and support group working in alignment with the Renewed Hope Agenda of President Bola Ahmed Tinubu.
The initiative provided critical medical services, care packages, food supplies, and financial assistance to widows, wives, and vulnerable residents, demonstrating the heart of nation-building through community-centered support.
The program, which united healthcare professionals, community organizers, and volunteers, complemented the government’s broader efforts to bring essential services closer to the people.
Residents of the Ikeja Police Barracks received free medical consultations, blood pressure and diabetes screenings, and wellness advice. Widows and families also left with care packages filled with food items, toiletries, and financial support to help alleviate the pressures of the holiday season.
Dr. Love V. Tinuoye, CEO of Medvita Consultancy and the lead doctor on-site, reflected on the impact:
“This initiative reflects a collective commitment to advancing healthcare in Nigeria. We were able to screen for and address critical health issues such as hypertension and diabetes while also providing preventive care like vaccinations and cancer screenings. This is what true community-focused care looks like.”
Beyond medical services, the outreach distributed care packages containing food staples, toiletries, and financial support, designed to alleviate the challenges faced by vulnerable members of the police barracks community.
The event highlights the ongoing efforts under the Renewed Hope Agenda to provide inclusive support for Nigerians across the country. Initiatives like this not only extend access to essential services but also strengthen the fabric of communities.
Mrs. Jumoke Elom, a businesswoman and beneficiary, shared her gratitude:
“I am deeply grateful for this program. The care my family received today—both medical and material—has given us hope and reminded us that we are not alone. It shows that there is real support for families like mine.”
The outreach program was also a platform for demonstrating the principles of nation-building through collaborative action. Alex Oware, Security Expert and Director of YP4T, explained the motivation behind the initiative: “The Renewed Hope Agenda is about about bringing real transformation to communities. This initiative embodies that vision by supporting over 2,000 people—not just through tangible resources, but by reaffirming their place in the collective growth of our nation. It lies at the soul of Renewed Hope: fostering resilience and creating opportunities for all Nigerians.”
The outreach program extended beyond healthcare, providing food and financial support to families within the police barracks. A touching moment involved a widow who, after receiving her care package, expressed her gratitude with tears of joy. Her story is just one of many that reflect the transformative power of collective action.
This initiative by YP4T—an advocacy and support group of Nigerian professionals from across the globe—represents a continued commitment to driving grassroots impact, inspired by President Tinubu’s vision. The success of the Ikeja outreach program demonstrates the power of collaboration between the public and private sectors to deliver meaningful change across Nigeria.
News
Matawalle Salutes Nigerian Military, Citizens at Christmas
… Calls for Love and Peaceful Coexistence
The Honourable Minister of State for Defence, H.E. Dr. Bello Mohammad Matawalle, has extended warm greetings to the Nigerian military and all citizens, both Christians and non-Christians, during this joyous Christmas season.
In his message, he emphasized the importance of embodying the spirit of love and peaceful coexistence, urging all Nigerians to reflect on these values not only during the festive period but throughout the year.
“This season serves as a poignant reminder of the enduring principles of peace, unity, love, and sacrifice that bind us as a nation,” he stated.
The Minister encouraged every Nigerian, regardless of their religious beliefs, to celebrate and honor President Bola Ahmed Tinubu, GCFR, as well as the brave men and women of the Armed Forces who tirelessly demonstrate their patriotism in safeguarding the safety and sovereignty of our beloved country.
Highlighting the significance of the yuletide season, he noted that it should reinforce our bonds of unity, foster a spirit of camaraderie, and inspire compassion towards one another. He called on all citizens to remain steadfast in their collective efforts to build a secure and prosperous Nigeria.
In conclusion, the Minister wished everyone a Merry Christmas and a Happy New Year.
Henshaw Ogubike, MNIPR, FCAI, FSCA, FCPE
Director of Information, Press and Public Relations
…Says no government has shown so much support to LGs, State Governments like President Bola Ahmed Tinubu….
The Minister of State for Defence, Dr. Bello Mohammad Matawalle, has expressed confidence that the administration of President Bola Ahmed Tinubu GCFR will significantly enhance the economies of Zamfara State and Nigeria as a whole.
Matawalle who is currently on a five-day visit to his home state, the Minister and former Governor of Zamfara commended President Tinubu for his unprecedented support for Local Government Councils and state governments. “No previous administration has demonstrated such a strong commitment to developing local councils and states as President Tinubu,” Matawalle remarked.
He highlighted the President’s role as a grassroots mobilizer, emphasizing his passion for local development. “President Tinubu has allocated substantial funds to states and local government councils, enabling them to undertake impactful development projects,” he added.
Matawalle urged party supporters to collaborate with their leaders to reclaim the lost mandate from the ruling Peoples Democratic Party (PDP) in Zamfara State. “It is essential for all APC members to remain law-abiding citizens,” he stated, reinforcing the party’s commitment to uphold the law.
Addressing a large gathering of supporters who welcomed him, Matawalle reassured them of the federal government’s ongoing efforts to combat banditry and terrorism in the region. “With the federal government’s initiatives to address security challenges, we will soon experience a renewed sense of safety and peace,” he emphasized.
He concluded his address by urging the community to continue supporting the government at all levels. “Together, we can restore peace and order in our country,” Matawalle affirmed.
Portugal Football Club Signs on 19-Year-Old Nigerian- born Footballer, Yaqub Usman-Malah
Minister Commends Guards Brigade for Exceptional Service in Securing the Seat of Government
Spotify’s ‘Detty December’ Hub and Spotify’s ‘Songs of December’ now live
LASG Acquires New Outboard Engines For Optimum Boat Performance
Elon Musk builds Hotel in Mars, Sets to launch soon at $5million per night – Photos
