Security tips for working from home
There are so many advantages to working from home, including avoiding peak hour traffic, the chance to hit the snooze button for a couple of extra minutes in the morning and the convenience of wearing your pyjamas while sipping coffee, browsing your latest emails. It’s no wonder that a 2018 study has found that the popularity of working from home for many professionals has grown in recent times. And at least one day a week 70 percent of the global employee work remotely.
But in these times of coronavirus where everybody is now working from home, and often in a full-time capacity, it has plunged large numbers of employees into unknown waters. As a result, we thought it useful for us to share some security tips, to help you navigate through your WFH experience.
WFH Physical Security Tips
This is the first of our security tips, and probably the most obvious. Are your work devices physically safe and have you secured them against any unauthorised use? Remember, your device contains confidential information, and therefore, only meant for your eyes.
Physical security tips
- Tip 1 – if you have finished working or heading outside, ensure your work devices are shut down or locked. Include all devices, even your mobile phone that you use to check emails or make phone calls
- Tip 2 – get in the habit of putting your computer to “sleep”, this locks it while you grab a coffee or take a break. This is beneficial particularly if you have a cheeky roommate or young inquisitive children. It’s also good practice for when you work in the office, to ensure everything remains confidential.
- Tip 3 – Ideally a separate workplace space is the best solution. If this isn’t possible, be sure you clear your devices away at the end of the workday and store them someplace safe. This stops them from accidentally falling, spillages and little fingers. It also helps you separate your work – home life balance.
System Access security tips
Perhaps there was little thought given to restricting access to servers with sensitive data due to a very protected office network. Or in fact that staff often had to use their own personal computers, a WFH consequence of coronavirus as business’ were caught unaware. Securing personal devices isn’t of major concern for personal use and if secured, certainly not to the level of best practice. If you think cybercriminals will stop their tricks during the coronavirus and refrain from attacking remote workers, sadly, you are mistaken. In contrast, these are the times they ramp up their criminal activity.
System Access Tips
- Tip 1 – Accessing your computer at the very minimum, needs to be password protected, and the password needs to be strong. This will keep a thief from easily accessing company information.
- Tip 2 – Accessing your work systems may now require you to enter a variety of passwords to gain access. If your workplace doesn’t already offer a single sign-on service, consider using a password manager such a LastPass https://www.lastpass.com/. It will be much more secure than a written list of passwords left on your desk.
- Tip 3 – Check whether data encryption is active on your work machine as it helps protect information on stolen or compromised computers. Ask your IT department, or Managed Service provider if you’re unsure.
- Tip 4 – If you’re connecting your work computer to your home network, don’t make it visible to other computers in the network. Make sure the option to share files is off if you have to add it to the HomeGroup.
Separate work and personal devices
This may not be easy, especially if you are using your personal computer for work. But if you can, it’s best to separate work and home devices.
Are you turning in digital assignments for your home-schooled children or ordering groceries or items online to avoid shopping centres?
A work-home balance is best from a security perspective.
To clarify this
Separate work and personal devices Tips
- Using the same computer for home and work can create confusion as one minute your doing a work spreadsheet and the next paying your bills online. Along with confusion you could also end up compromising your personal information when a cybercriminal was looking to breach your company.
- Keep your work and email address’ separate. Don’t use them interchangeably, as this looks unprofessional. And once the normal office routine resumes, you don’t want clients sending emails to your personal email address.
- Both work and schools are huge targets for cyber-criminals so best to keep these separate, if you can. A prize win and big payday for a cyber-criminal would be to not only infect an organisations network but install “troublesome ransomware infections” at your child’s school to sell on the dark web.
- You need access to your organization’s cloud infrastructure through a VPN with encryption.
- Secure your home Wi-Fi with a strong password, just in case VPN isn’t an option or if it fails for some reason.
- Your home router should also be password protected. Be sure to change the default password, always use a strong password – 123456 or password1 just aren’t strong enough.
Cyber security best practices
These WFH security tips, hopefully you have already been practicing in the office
- Tip 1 – Be wary of phishing emails. Familiarise yourself with the Phishing emails top 10 examples if your unsure or educate yourself with the current coronavirus scams these pretend to offer advice on health information. Make sure to scan your emails thoroughly, and do not open anything, or click any links unless they’re from a trusted source.
- Closely related to phishing, is Business Email Compromise is where a scammer pretends to be an organisation’s CEO, then starts bombarding the CFO with urgent requests for a money transfer. Pay close attention to the actual email address of senders.
- When it comes to social media, try and maintain your usual routines. As overexposure may make you an easy target for scams as criminals love using social media to ensnare their victims.
Other security precautions
Below, is a list of questions that are worth asking before you can rest assured that WFH is not going to be a security disaster. Here are some to consider:
- Who is responsible for making any updates? Are you supposed to keep everything up to date or can your IT department do it for you?
- Do you need any additional security software, now you’ve left the safety of the office? Check with your Managed Service Provider (insert the link, once uploaded) or IT department. Maybe you need a security program for your Window PC https://www.malwarebytes.com/premium or for your Mac https://www.malwarebytes.com/mac or even for your Android device https://www.malwarebytes.com/android
- Are you able to save and back up your local files to a corporate cloud solution?
On a different note
After the initial perks of WFH as I’ve mentioned, avoiding peak hour traffic, the chance to hit the snooze button for a couple of extra minutes and wearing your pyjamas during your workday, all jokes aside, this is a HUGE adjustment for many people.
WFH may make you feel irritated, isolated, uncomfortable and unmotivated or really just tired. It takes some adjustment, and one day at a time is the best remedy.
If your feeling irritated, are you being distracted by the presence of others. Try to go somewhere a little quieter. To help your overall well-being, maintain a healthy posture. Is your set up ergonomic? Take regular breaks to stretch your legs and give your eyes a rest. Exercise regularly, eat well and get plenty of sleep.
While remembering all the social distancing rules during the coronavirus pandemic can seem overwhelming at times, it always best to play it safe. The same can be said about the WFH security insights, it’s always best to play it safe!