Securely Working From Home - Employee Guidance Blog

 Securely Working From Home

Due to the worldwide Coronavirus crisis, many of us are now working from home. Some of us for the first time ever. Working from home can present many different challenges compared to those that we experience working in the office. For example, we may be multi-tasking, combining work commitments with childcare. Our job and responsibilities may be slightly different, owing to the remote home work location, and overall, it can be a steep learning curve that creates difficult challenges and a whole new way of running our lives. With all these various life commitments, it can be easy to overlook the issue of internet security. Sadly, the hackers haven’t taken time off due to the Coronavirus and now many of them will be aware that home computer setups are now handling sensitive company information without the back up of a professional cybersecurity system. Your home network generally contains a range of devices; your laptop, your smartphone and other tech belonging to other family members. However, the point of entry into this network is always via an internet provider. So, have you changed your default administrator passwords?

Default Administrator Passwords

Most people completely forget that their entire computer network comes from this one point of entry. Most of us continue to use the default administrator passwords that came with our network bundle. These default administrator passwords offer an easy way into the entire network so if they are not changed they allow bad actors to gain access across the network.

To ensure that your network is not leaking security, you should change the default administrator passwords for your device administrator account as well as for your wireless network. After all, we have often seen people hacking into their neighbor’s account which is bad enough. But imagine if a hacker got hold of your administrator passwords and used these to corrupt your system?

Now you are working from home, it is not just your personal details that are at risk; it could compromise the security of the entire company.

Choosing strong passwords for your administrator password is essential for Cybersecurity.

Anti-Virus Software

Anti-Virus software is one of the most important cyber defenses when you work remotely. Many of us don’t bother unduly about this when we are just going online for our own purposes. Many of us simply use a free anti-virus system or the one that came with the computer. This is not a good idea in any setting, but at least if our system becomes compromised, it does not affect our professional life.

However, when you are working from home, it is a different story. For a start, you may have family members such as teens who visit dodgy sites and with the fact that the whole family is now at home, internet traffic is going to be much higher than usual.

Increased usage equals higher risk and combined with potentially sensitive information now running through the same network, it is beginning to look like a security nightmare. To keep safe, make sure that you have up-to-date anti-virus software installed and active on all devices that are used in your household.

It is also important to ensure that the operating system and your browser have the latest security patches installed as they reduce cyber risk significantly. You can check that your security is running the latest updated version by going into Settings on your devices and downloading from there.

Hackers love flaws in security so make sure that you do this for all the devices that are currently being used in your home.

Using a VPN and getting some Backup Software

Two important steps in protecting your valuable data are backup software and a secure connection to your office applications.

Using a Virtual Private Network or VPN enables you to create a secure and direct connection to another network, in this case, your company’s network. Nobody outside can get inside this network so using a VPN for work purposes is an ideal way to keep hackers and snoopers from getting to your company’s information.

Back-up software is also important. Back-up software enables you to create duplicate copies of all files and data and recover it safely, even if it is lost or corrupted by malware. This means that if the worst happens and your system does become hacked or corrupted, your data is still safe and easy to retrieve.

Do not disable any backup software running on your company provided devices.

You don’t work in IT so it is really important to leave backup software running on your company devices, especially if you don’t know what it is. Disabling software could leave an open security risk to hackers and may also cause unknown ramifications. You may wish to use your company’s device for a private purpose but it is not worth the risk. In addition, once you have disabled the software, are you really sure you can get it back?

Always Follow Your Company’s Security Policy

If your company has a policy for secure connectivity, such as always working through a VPN, always keep to it. You might think it is unnecessary because you only want to log on for a few minutes, but it is not worth the risk to security. Remember you are still at work even though you are working from home, so follow your company’s line and stick with the program. If your company requires all contact to be via the VPN, just do as they request.

Beware of Hackers.

Hackers use different psychological tactics to take advantage of employees who are working from home.

Here are two common scenarios:

Scenario 1:

Someone calls you pretending to be from your company’s IT organization. They create a fake urgent situation surrounding security and they ask you to share sensitive data like your password. These types of calls are extremely convincing and many people will provide the information without thinking.

If anyone calls you purporting to be from the office and requesting sensitive information, always hang up and call the relevant office department to check.

Always double-check via secondary channels like your company’s internal communication chat, text, or email.

Remember the watchwords: Trust and Verify.

Scenario 2:

You get an email that looks like it is from your manager which asks you to immediately perform a sensitive task like transfer money to a vendor.

The call may go something along the lines of: “hello Jon, this is Tom, your executive vice president. This is time sensitive. I am about the close the deal. Can you transfer the vendor fee so that I can close it? Here are the bank details…. “

Again, double-check via a secondary channel. When you are remote, make sure to verify any sensitive request before acting on it.

Always remember Trust and Verify.

  • Santhosh Purathepparambil
    Santhosh Purathepparambil

    Co-founder, SecurityAdvisor

Published on : April 27th, 2020

Learn how SecurityAdvisor can help your team

Schedule some time to talk with one of our experts and they will show you how we can help your organization.

Get a demo Today