Remote work is not only essential at the moment, it’s the need of the hour – especially for organisations planning to work with remote talent and implement business continuity plans. Having said this, it has never been as important as now to protect your organisation’s sensitive data, while also allowing your teams to have location flexibility.
Remote connectivity presents a unique set of challenges on the information security front, since remote work environments typically don’t offer the same safeguards, by default, as the office environment with an IT team taking care of the cybersecurity of the organisation, round the clock.
In addition to this, even though business growth might have declined a bit recently, cybercrimes have not (in fact, they have risen in frequency by over 500%!). To help make it a secure option to work from home, we have put together a list of our top tips, from a cybersecurity standpoint. Read on!
If necessary, you may set up and use personal Wi-Fi networks or hotspots at your home office, but only after having adequate network security in place. However, you should avoid public Wi-Fi networks. Using them could make your devices vulnerable to significant cybersecurity risks.
Keep in mind that countless other people have access to that same public network, and since there’s rarely any firewall between your devices and theirs, nor there’s any network encryption in place to protect your data or online activity, bad actors can access your PC or mobile, literally from across the room! In case there’s no other option and you must use a public internet connection, make sure you set up and use a virtual private network (VPN).
Virtual private networks (or VPNs) can provide your devices with a relatively secure internet connection, enabling you to connect to your office network or use different online services or applications, while protecting your online activity from prying eyes.
However, many third-party VPN service providers won’t encrypt your data all the way from the source to the destination, so it’s always a good idea to follow the guidelines provided by your organisation’s IT team on how to set up a remote VPN connection that does the job well at ensuring your privacy at all times.
It may seem tempting to use your personal mobile phone and take care of a few work emails before going to bed or after getting up, or perhaps use your personal computer when your work computer isn’t around in the same room. However, this may prove very risky for both you and your organisation, unless you are using a secure Wi-Fi connection, a VPN, anti-virus software, system endpoint protection, etc.
The moment you decide to take a break from work and walk away from your work devices leaving them unattended, you should lock their screens (of course, while also having a strong password in place). To make sure you never forget to do this, enable automatic locking on your work devices.
Cyberthreats are nearly inevitable for businesses that lack adequate levels of preparedness for them. But did you know that relatively extensive use of encryption could reduce the financial burden of a data breach by around $360,000 on an average, in the unfortunate event that it does happen?
This is why it’s highly crucial to encrypt all the sensitive data on all your work-related devices, especially the data that you share across in your email communication, just to ensure it can’t be intercepted or misused by a bad actor or a third-party with ill intentions. Similarly, make sure all your work devices are set to have all the sensitive data encrypted, just in case any of them gets stolen or goes missing. Needless to say, you also need to prevent cybercriminals from accessing the contents of your work device by using a strong password, PIN, or biometric security (fingerprint, face recognition, etc.).
It’s not uncommon for cybercriminals to look for weak passwords on home routers. Unfortunately, most people don’t change the default password even once (which is something like ‘admin’ or ‘123456’), which leaves their home network highly vulnerable. So, make sure you change your router’s password to something unique and make it a tough nut to crack for a suspecting bad actor.
It’s equally important to make sure you don’t make your files and folders with sensitive data visible to other computers on the home network. For an added layer of security, simply disable the option to share files on the home network using your work computer.
Two-factor authentication will ensure that it’s possible to access your device only after successfully validating two pieces of evidence with the help of an authentication mechanism. Using it can dramatically reduce the risk of your device security being compromised that provides only you, the device owner, with a one-time time-sensitive code, to be used as a security key.
Installing bug fixes and security patches for the software and operating system you use is just as important, if not more important, than other tips in this list. Hackers usually go for zero-day exploits, which means that a delay of just a single day in installing a software update is a bad idea.
It’s unbelievable but true that 69% of organisations still don’t believe that cybersecurity threats can be blocked by using anti-virus software. However, it goes without saying that using antivirus software is essential when it comes to protecting your computer from not just viruses, but all kinds of spyware, ransomware, trojans, rootkits, and so many other types of malware.
However, having an additional layer of firewall would make it a strong line of defence against a vast majority of cyberthreats. If your antivirus doesn’t come with a firewall, you may want to enable your PC’s built-in firewall system.
It’s crucial to be able to find or at least remote wipe your device in case it’s lost or stolen. By securely wiping a device remotely makes it much harder, if not impossible, for the thieves to retrieve your data (don’t worry, you will have a backup of your files and folders online, unless you have disabled the automatic backup applications on your device). Enable “remote wipe” and “find my device” functionality on your devices to ensure your peace of mind in this regard.
Physical security of your work device should never go out the window, especially when you’re working from home. If you work out of a proper home office, secure your work computer with a physical lock (like a Kensington lock, for example) or lock the doors when you leave for the day.
As you may already know, cybercriminals have left no stone unturned when it comes to exploiting unsuspecting audiences for their fears related to the Coronavirus outbreak. Countless national and international phishing campaigns have been designed around this, in many cases attempting to hijack your devices using malware or forcing you to reveal sensitive information. So, if you receive emails with suspicious links or attachments, especially anything related to COVID-19, simply ignore them, unless you are absolutely sure that the communication is coming from a highly trusted source.
If you work at an organisation with a proficient IT team, they would already be blocking most cyberthreats, installing regular updates and bug fixes, running antivirus scans, etc. However, if you also do your part in ensuring cybersecurity and follow the tips we’ve shared in this article, you are safeguarding not just your personal interests, but your organisation’s best interests as well. Keep in mind, just one weak link is enough for bad actors to seize the opportunity and bring an organisation down to its knees.
So, whether you are working out of your home office, or a shared space you will need to stay safe now, more than ever! Also, if you’re able to work from home, we thank you for doing your bit in helping slow down the spread of the Coronavirus!
Want to learn more about cybersecurity best practices for employees and organisations? Read more on the topic now through our blog.
Whilst writing we used the following resources which may be hlpeful to you too: How to Identify and Avoid COVID-19 Phone Scams