How To Stay Safe Whilst Working From Home?
22 April 2020
How To Stay Safe Whilst Working From Home
Within the security industry, we have seen a lot of emphasis during the lockdown period being on the security of their premises whilst empty. Whilst we agree on the importance of this and will cover this in another article, how much thought has gone into the security of remote working? Over the last decade remote working has grown in popularity and a study in 2018 by IWG found that 70% of professionals work remotely for at least one day a week. However, even with the increase in remote working, the coronavirus lockdown has forced many professionals into territory unknown to them, now it’s not just remote working, its full time working from home.
What we have found as a security provider, quite understandably, was that clients were not prepared for the large-scale remote working. Some did not have the remote capabilities to dial in at all for any of its staff. This led to us having to assist in setting up the remote service for clients to enable their staff to work from home. This comes with its own risks as with the rush to get setup to work full time remotely, security measures will often get missed.
Given the circumstances we are all in, we want to share some useful security tips. These are not only for IT teams but for individual workers to take their own precautions in ensuring that the security of the connection and of any confidential information that they may handle.
Tip 1 – The Security of your Devices
It’s obvious, but the obvious is usually what is missed. Make sure your devices are safe and that you avoid opening your devices to where confidential information may be viewed. For example, if you need to leave your device for any period, ensure it is shut down or at the very least, locked. We would also suggest making sure these steps apply to your mobile phones as most likely they will receive work emails and you will make work calls from them. This should also apply if you have children or a flat mate, lock your devices even if you step away from them for a moment. You would generally do this in your workplace so make sure this reflects when working from home.
If you have not the space to have a separate workspace in your home, then make sure that all your devices are packed up and stored away at the end of the day. This is important for two reasons, it will ensure that the devices are not accidentally opened, damaged or stolen but it’s also important that whilst we are all working from home, we do our very best to separate our work and home life as best as we can.
Tip 2 – Accessing the Companies System
As we alluded to earlier, in the rush to get setup to working from home there is every chance that the security measures involved in remote working may have been missed. Most likely the office network was protected to a degree that not much thought was given to securing devices, especially if the device is a personal laptop which is having to be used. Whichever way, we all need to be on guard against unauthorised access. During this global event Cyber Crime is on the rise and we must do all we can to negate that and not offer an easy route in.
One thing to always ensure is making sure the device is password protected, something strong, not anything personal to you or famous dates as this are the easiest to find out for Cybercriminals. If the device is hacked, or stolen, this will make it more difficult to access. If you currently do not have a single sign-on service, the maybe it would be worth considering using a password manager. If you have total access to your work management system, then no doubt there is a variety of passwords to remember to gain access. A password manager will be a lot more secure than a list of passwords saved on your desktop or on a post-it notes on your desk.
Encrypting helps protect information on devices. It would be worth speaking with your IT to check if data encryption is active on your devices or whether they believe it is required. When connecting to your home network, make sure when prompted that you do not make the device visible to others on the same network. If you do have to add to the Home Group, then ensure that you make sure that the option to share files are off.
Tip 3 – Using Work and Personal Devices
We are all faced with the challenges that come with working from home during the lockdown and we need to try and separate as best as possible. There are a lot of us home schooling and utilising devices to log in to the online assignments. We are also trying to secure delivery slots for ordering shopping and other online goods. It may seem overkill to continually switch between the two, but we think it is important to keep your main work computer and home computer separate if you can. The more programs you install, the more potential vulnerabilities you introduce.
Do not pay home bills or compile home related on your work devices. This is personal information that can be used if a Cybercriminal was looking to breach your company Only use you work email address for work emails and personal email address for personal emails. Not only does it look unprofessional, but you are again opening yourself up over multiple communication portals which could result in a breach.
With home schooling, its important no to carry this out on a work device. A child’s digital curriculum and a company network breach are big targets. Not only can a Cybercriminal access a company’s network through an unsecured remote worker, but they can also gather valuable student information (PII Data) for the use in creating Trojan Malware.
Tip 4 – Secure your Home Connections
Again, these are obvious but are at times approached with an ‘it won’t happen to us’ attitude.
Make sure you access to the company’s cloud and can tunnel through an encrypted VPN If a VPN isn’t an option and Wi-Fi is the only route in, look at you home Wi-Fi password, is it strong? Most probably not. It is worth changing it to something secure and strong. One thing that is consistently missed on home routers is that the access to setting should also be password protected. And different to the main Wi-Fi password. Most home routers will generally have the default password left that it came with which is easily found online by searching.
Tip 5 – Our Favourite, Cyber Security Practices
One of our services is Cyber Security so we feel it’s necessary to add a few pointers, although common place, can be easily looked over or forgotten about when working in a home environment.
I am sure most companies have seen a rise in phishing emails going around since the pandemic took hold. Quite a lot of what we have seen are attempts to capitalise on fear related to the Coronavirus. There have been offers of health advise, isolation advise etc. trying to draw you in to open the attachment. Look at these emails closely, look at the email address as they tend to differ from the title. Just be vigilant, if they are not from a known and trusted source, don’t open them.
There is also an expectation in a rise of Business Email Compromise Fraud. If you are receiving emails that relate to business processes, reassurances etc. they could be disguised as a member of your company’s management team. Look at the way it is presented, if it seems off, it most likely is. Again, look at the email address from the sender, most likely it will not add up so do not open any attachments that come with these emails.
Always remain vigilant around social media, maintain your usual behaviour without overexposure. Watch out for scams and misinformation as social media is highly used medium for criminals to draw in their victims.
Tip 6 – A few other Secure Precautions to consider
As we said earlier, not ever company was prepared for this, to be honest, if they were it was pure chance through active remote workers being a part of their core business workflow. If you are unsure on the guidelines, companies like us are here to assist with this making sure you are safe and secure from Cyber Crime. Ask questions and ask for direction, this way you will have peace of mind and feel secure working remotely. Before reaching out to a company like ours, it may be worth asking in house a few questions that can avoid a breach or security disaster.
Who is responsible for the updates? Are you or is your IT team tasked to do this? Does your system require additional security software? This maybe yes as you are away from the company’s network. Ask your IT department whether you should install any programmes. Backing up data is as important than ever, how will this be done? Can you save your files and backup to the cloud? Or would your IT prefer to your local files? Find out which one is preferred.
Just to Add….
For many of us this adjustment came fast and was big. Many of us have settled into a way of working which works, many are still struggling to get to grips with it all. It is frustrating and exhausting and as human being we all thrive on seeing light at the end of a tunnel which right now seems a little way off. Us adding in Security tips may just add to your frustrations and we get it. We all just need to take this one day at a time. We are all in this together whether we know each other or not.
The tricky bit when working from home is distraction, find somewhere comfortable, try and minimise distraction from others as well as making sure your presence has minimal impact on them also. Take breaks, get exercise, don’t be lured in by Netflix or other distractions around the home. There needs to be structure to your day. For many this may change the way they work post lockdown, we shall see. But right now, stay safe, everyone!