With the coronavirus spreading and social distancing being the order of the day, offices nationwide have sent employees home to work remotely. Soon, we are likely to get an idea of how well our networks can handle the mass displacement of workers from digitally secure office environments to homebound access fraught with unique cybersecurity risks.
If you are working at home, perhaps you already are struggling with distractions, the urge to peek into the refrigerator that is now only a few steps away, or the temptation to procrastinate and risk falling woefully behind in your work.
But while working from home and other social distancing measures will likely help protect you from the coronavirus, you need to also be mindful of how your new telecommuting situation can open the door to viruses of the digital variety—not only to your online devices, but also to your employer’s networks and critical data.
Working outside secure office environments can open the door to cybersecurity vulnerabilities. Government agencies are warning that the sudden increase in people working from home is going to not only test the resilience of networks, but also elevate the risk of cyberattacks by threat actors looking to exploit the situation, particularly when it comes to the virtual private networks (VPNs) that enable telecommuters to remotely access their employers’ systems and data.
While companies and other organizations are advised to update the security configurations of their VPNs and the devices that use them, there are also a number of home cyber safety tips that telecommuters themselves should follow. Continue reading to get our expert tips and video tutorials designed to help you secure your home office environment.
Phishing Email Detection and Prevention
Know that cyber thieves are already using the coronavirus as a topic for phishing emails, seeking to get users to provide their logins, passwords, and other information. Threat actors commonly use emotions and emotionally charged situations to get users to click on links they may otherwise view more critically. Their techniques get harder to spot all the time, so be vigilant with any email or website that asks for these things.
This short video tutorial walks you through how to detect phishing emails and tips to keep your inbox protected.
In addition to detection and prevention tips, here are some additional ways to minimize risk from phishing email scams:
- Do not share work computers and devices with others in your home. Doing so increases the risk of unauthorized or inadvertent access to protected company information. It is more important than ever to be especially vigilant in safeguarding the information entrusted to your care. This often includes confidential business information, trade secrets, intellectual property, and personally identifiable information such as personnel records, medical records, payment information, and financial records.
- Company information should never be downloaded or saved to employees’ personal devices or cloud services, including employee computers, thumb drives, or cloud services such as their personal Google Drive or Dropbox accounts.
Additionally, you should take steps to manage your household bandwidth and ensure reliable connection for important online meetings, webinars, and other critical online activities. During your workday, consider turning off bandwidth-hungry applications such as Alexa and have your children stay off the wi-fi, using their mobile data instead. Or, conversely, let the kids use the cable bandwidth while you tether to your mobile device (presuming you have a good connection). If you do that, it is essential to protect your mobile access point with a password to prevent others from using it for their own purposes (or even stealing information).
With all this in mind, here are some further computer security best practices for creating a more secure environment for working at home.
Encrypt Your Data
If you are using an employer-provided laptop or device, don’t presume it is entirely secure when you are connecting from home. It is easy for a cybercriminal to do a quick search for your brand of router and log in. So, at the very least, change your router default password to something unique and ensure your router is encrypted by enforcing WPA2 or selecting WPA3 if available.
Watch this video to learn how to encrypt your data at home.
Once you’ve taken the time to protect your data, follow these additional tips to ensure your data and information remains protected.
- Don’t connect to public wi-fi systems while on your work device – if you are required to leave shelter and head out, use your password-protected mobile connection rather than public wi-fi systems.
- If your employer doesn’t offer a VPN, get your own. Doing so offers a reasonable measure of security to protect your employer’s, clients’, and customers’ information.
- If your employer isn’t requiring multi-factor authentication (MFA) instead of just user IDs and passwords, you should suggest they do so. MFA will significantly boost security and can be obtained through an app on mobile devices that provides specialized one-time PINs to authenticate users.
Get Familiar with VPNs and MFAs
How much do you know about virtual private networks (VPN) and multi-factor authentication (MFA)? Watch this video to learn about both VPNs and MFAs: why they are critical to your at-home network security and how to get started using them today.
In addition to taking proactive steps to protect your home network and devices, here are some more security protection tips to consider:
- Keep your software updated. We have all been there – a pop-up appears saying you need to restart your device to update operating system, and too many of us tend to hit “later.” The bad actors out there are counting on this and will exploit any vulnerabilities if given the opportunity. We recommend you take 10-15 minutes when that reminder pops up and let those updates occur.
- Keep your data backed up. If your company offers a cloud solution or shared folder, take advantage of it to ensure your device is uploading your data as you go. That way, if something goes wrong with your laptop or computer, you have the option to recover that data.
- Use a standalone password storage application that is not part of the system or a web browser if you're looking for a way to help manage passwords. Remember to turn off the “remember password” functions on your computer or browser when you use it to access company information systems and applications.
Password Best Practices
Not quite sure how to create unique passwords and keep them secure? Watch this short video outlining common pitfalls and best practices to keep your accounts and passwords secure.
Use a Password Manager
Learn all about password managers and how you can increase your security by using one in the video below.
Another important tip...
If you are going to be working from home, you should check in with your employer’s IT team to ensure your devices – whether they belong to you or your employer – are running the latest anti-virus tools and security applications.
Become Your Own Security Manager
Whether you work from home for the next few weeks, months, or just periodically as needed, learning best practices for network security is in your best interest.
Watch this video to learn how you can become your own security manager by staying up to date with security patches on your devices and managing your own WiFi router security.
By staying home and staying mindful of the suggestions provided above, you will be better positioned to get through this period of coronavirus anxiety, stay productive, and help your employer ward off the cyber threats that are certain to increase as telecommuting goes mainstream.
Interested in more cyber security tips and information?