With one in three Americans being ordered to stay at home during the pandemic, more companies than ever are allowing employees to work remote. Working remotely may be a struggle for those trying to juggle time between getting work done and attending to family. There are most likely dozens of things going on in your head while adapting to this change of lifestyle. But there is one more vital task that is most likely being overlooked; maintaining cybersecurity best practices.
As an MSSP, we have noticed a few trends over the past few months. Not only can remote workers have their own privacy put at risk, working from home could also result in breaching company security. To help you stay safe online so you can do your job with peace of mind, it is important to follow these four tips:
1. When using home equipment:
Home computers that will be used to access your corporate networks should not be shared with other household members (especially kids) in order to provide the best user experience and safest working conditions. Prior to these systems connecting to the office network the first time, you should ensure that anti-virus utilities are installed, up-to-date and a full scan of the machine has been run.
2. If you are using public wifi:
Most workers will be working out their home where they can secure their wifi. But some may have to use unsecured public wifi networks which are prime spots for malicious parties to spy on internet traffic and collect confidential information. Don’t connect to public Wi-Fi without VPN. If you must use them without, avoid accessing personal or business accounts with sensitive data while connected to that network.
3. Secure your home router:
Do you know if you changed your router password when it was first installed? Many people didn’t, which results in a vulnerable home network. It’s important to take simple steps to protect your home network to prevent malicious parties having access to connected devices. Changing your router password is a good first step, but there are other actions you can take. For example, you should make sure firmware updates are installed so that security vulnerabilities can be patched. The encryption should be set to WPA2 or WPA3. Restrict inbound and outbound traffic, use the highest level of encryption available, and switch off WPS.
4. Back up your data:
Data can be lost in a number of ways including human error, physical damage to hardware, or a cyber attack. Ransomware and other types of malware can wipe entire systems without you having a chance to take action. When working from home, always save documents to shared drives that are backed up to cloud. NEVER save important documents locally on your desktop.
5. Beware of increased amounts of phishing attempts:
Hackers always look for ways to benefit from hard times. As the pandemic continues to circulate in the news, there will continue to be an uptick of related scams and cyber threats. Most cyber threats are only successful because of human error. Cybersecurity awareness training is crucial. Always beware of any external sites you visit, clickable links in emails, and communications requesting financial actions.
For the Sixth and Seventh Day of Cybersecurity, we are offering our Remote Work Action Pack and a discount on our Security Starter program. The Remote Action Pack will provide important information to collect from remote employees and the Security Starter will help secure your remote workforce.