In recent months, COVID-19 has taken over the world. Countries are closing borders, production lines are halting, and many employers are instructing employees to work from home. That makes sense: If companies are to continue functioning, and if your job is location-neutral, staying home reduces the likelihood of catching and transmitting the coronavirus while letting you continue doing your job.
Given these circumstances, the coronavirus outbreak has forced many office employees to remain at home. We figured it would be useful for us to share with people working from home to keep in mind the below security risks and tips so that they remain safe and secure while keeping their company data protected.
Secure your WiFi network: Let us start with your WiFi network router. Turn on encryption (WPA2 or WPA3). Encryption scrambles information sent over your network so outsiders cannot read it. WPA2 and WPA3 are the most up-to-date encryption standards to protect information sent over a wireless network. No WPA3 or WPA2 options on your router? Try updating your router software, then check again to see if WPA2 or WPA3 are available.
Secure your laptop and mobile phone: Make sure your work devices, laptops and mobile phones are physically safe, and that you avoid offering unauthorized views of confidential information. If you need to leave your home for supplies or other reasons, make sure your work devices are either shut down or locked—including any mobile phones you might use to check email or make work phone calls. New vulnerabilities are forever being found in applications and operating systems. And cybercriminals can’t resist exploiting them to infiltrate other people’s devices. So keep your operating system, applications and security software (e.g. antivirus / anti-malware engine) up to date.
Secure your user accounts: If you think cybercriminals (and regular criminals) will be sensitive to global events and refrain from attacking remote workers, sadly, you would be mistaken. Make sure the passwords are long, strong and unique: at least 12 characters that are a mix of numbers, symbols and capital and lowercase letters. Check with your IT Department to see if you can enable two-factor authentication and Single Sign On (SSO) to protect your user accounts to connect to keys systems and applications.
Secure your files and sensitive data: Leverage Encryption to protect files and folders containing sensitive confidential data. Encryption of laptop drives, files and folders helps protect information on stolen or compromised computers. Check whether data encryption is active on your work machine. If you are not sure, ask your IT department whether you have it, and if they think it is necessary.
Secure network connections: Make sure you have access to your organization’s cloud infrastructure and can tunnel in through a VPN with encryption. Secure your home Wi-Fi with a strong password, in case VPN is not an option or if it fails for some reason. Ensure connections to key business systems, and cloud applications are encrypted while communicating over public channels.
Secure your emails: Be wary of phishing emails. There will be many going around trying to capitalize on fear related to the coronavirus, questions about isolation and its psychological impacts, or even pretending to offer advice or health information. Scan those emails with a sharp eye and do not open attachments unless they are from a known, trusted source. I am sure we can expect to see a rise in Business Email Compromise (BEC) fraud. Your organization may be sending you many emails and missives about new workflows, processes, or reassurances to employees. Watch out for those disguising themselves as high-ranking employees and pay close attention to the actual email address of senders.
Want to learn more? Read our Whitepaper - The Essential Guide to Securing Remote Access
If you are able to work from home, thanks for helping slow the spread of the Coronavirus.
Be well and stay healthy!