Working from home has become the new normal for many of us. It has a host of advantages, but with cyberattacks happening every 39 seconds on the web, remote working comes with a few additional responsibilities as well.
You as a remote worker, you are more vulnerable to cyber-attacks than your office-bound colleagues.
It can be tempting to cut corners or ignore cyber security risks when we feel safe in our own homes, but doing so can put your data, personal information, and company at risk. Thus, costing the business tons of money. In fact, according to IBM survey, organizations with more than 60 percent of employees working remotely had a higher average data breach cost than those without remote workers.
This is why in this post; we’ll share 8 cyber security tips and good remote working habits to help keep your environment safe.
Cyber security tip 1: Secure your wireless network
When it comes to remote working, the first step to a safe and protected remote environment, must be a secure wireless network that can protect your information and keep your work safe.
To achieve this, make sure:
- Your router has the latest firmware updates installed and to update them regularly.
- Ensure All Wi-Fi devices in your house have strong passwords set up (never use the default manufacturer settings).
- Be careful when connecting to your home network through remote access applications. LogMeIn, GoToMyPC, Splashtop and many other similar applications are an easy way for malicious actors to gain access to your home network if not set up properly. Consider disablinge them entirely if you can.
- To set up port forwarding rules so only authorized IP addresses can access your home network services.
- To turn off UPnP (unless you really need it) and enable WPA2 encryption, which is the most secure form of wireless security available.
- Finally, regularly check for any unauthorized access attempts, and if you notice any unusual activity on your network, be sure to change your passwords immediately.
Cyber security tip 2: Update your software regularly
Another crucial cybersecurity habit is to always keep your computer’s operating system and applications up to date with the latest patches and fixes.
- It is essential to update your computer as soon as new updates are released, because these can contain security measures that prevent malicious programs from exploiting weaknesses in the software.
- Most operating systems have an automated update feature which will check for updates regularly and download them when available.
- Other than application, it is also important to keep all plugins used on the computer up to date, as well as any anti-virus and malware protection software that are installed.
If you don’t update, it can be like leaving the front door unlocked while you’re sleeping: an easy way for bad guys to get in and take what they want without having to break down any walls or windows.
If you use outsourced IT services, your remote IT support provider will ensure all security updates, and new OS versions are upgraded, and devices restarted for these to apply. Good providers can conduct this after hours so that it does not interfere with your work.
Cyber security tip 3: Strengthen your passwords
Don’t Reuse Passwords. Use strong passwords that are different across all accounts.
If a cybercriminal were to access one account, they would be unable to gain access to all your accounts if you’re using unique passwords. In fact, according to a Verizon Data Breach Investigations Report (DBIR), 81% of hacking-related breaches used stolen passwords and/or weak password.
Creating complex and varied passwords is one of the best ways to protect yourself from any cyber threats when working from home. To do this, make sure to:
- Avoid words that are easy to guess or personal information such as your name, address or date of birth.
- Use phrases instead of singular words with combination of lowercase letters, uppercase letters, numbers and symbols to make the password even harder to crack.
- And finally take advantage of password managers (Tip number 5) or generators to help create secure and unique passwords for each account.
Furthermore, if your firm outsources its IT department, your IT provider should be able to establish a company-wide password policy to enforce strong and complex passwords. They can also set up a Same-Sign-On solution for those who work across multiple business apps. This is where a single strong and complex password is used across all applications with MFA enabled.
Cyber security tip 4: Set up two-factor or multi-factor authentication
Add an additional layer of protection to your online accounts by setting up two-factor authentication (2FA), that require two forms of verification before you are allowed to access your account. This could involve a combination of something you know (such as a password), something you have (such as your phone) or something you are (biometrics).
Even better, as an alternative, consider using a Multi-Factor Authentication (MFA) app to generate time-based one-time passwords (called TOTP) that can only be used once. This is a temporary, single-use passcode that you have to receive and enter before they expire to complete the login process.
Using these authentication methods ensures that even if someone obtains your username and password, they will still require another form of authentication to gain access to your account. You need this especially when logging onto emails from ‘unauthorised’ devices or when accessing emails and files via the browser rather than your ‘authorised’ device.
So, keep your authentication information secure – never share it with anyone, even if they claim to be from the company you’re working for.
Cyber security tip 5: Use a secure password manager
If you’re not already using one, now it’s the time—so you can secure your accounts.
Relating to tip number 3, a password manager is an application that helps you create and store complex passwords, making them more difficult to crack, and can store them in an encrypted database that only you have access to–and it will automatically log you into websites whenever necessary.
It also eliminates the need to write down passwords or to reuse the same password across multiple accounts. With a password manager, you can generate unique, strong passwords for each account, and you can access them with just one master password. This will help keep your accounts secure, even if one account is compromised.
Additionally, you can use two-factor authentication (2FA) with a password manager to add an extra layer of security when logging in remotely. This provides additional protection against unauthorized access to your online accounts.
There are many great options available, including LastPass, Dashlane and 1Password. Here at Sereno we recommend Keeper, which we also use ourselves.
Cyber security tip 6: Use an effective Antivirus Software
Very important now—especially with the increasing number of cyber-attacks and data breaches.
Using an effective firewall and antivirus software solution will keep your data safe and help protect your computer from malicious software, viruses, and other security threats. Make sure to:
- Use security tools that are appropriate for your operating system (Windows, Mac OS X) and do not conflict with any other apps in use, particularly those that consume a lot of processing power, as this might cause the device to slow down, reducing productivity.
- Ensure that your antivirus solution is up to date and that all settings are enabled to detect the latest threats. Your IT support provider should have alerting in place to ensure this on your behalf.
- Also, make sure to regularly scan your computer for any malicious programs or viruses. For an optimal protection, speak to your IT department or IT provider about getting an Endpoint Protection Platform (EPP) solution which provide more fully featured comprehensive protection against wide range of digital threats.
Cyber security tip 7: Always be on the lookout for strange emails
Even if you are working from home and you have no reason to believe that anyone is trying to hack your computer, it’s still important to be vigilant about opening emails.
Email scams are still very common, and many people fall victim because they don’t realize how easy it is for hackers to spoof an email address or make an email appear to come from someone you know personally. They’re also often designed to look like an urgent message requiring immediate attention.
- Don’t click on suspicious links or attachments in emails or texts, no matter how tempting it may seem.
- If you receive an email with a link that looks like it’s from someone you know but the grammar is off, or if the sender addresses you by name but doesn’t use your full name (e.g., “Hi John Smith”), don’t open it.
- If you get an unexpected message and attachments, don’t open them and don’t delete them just yet!
- Instead, forward them directly to your IT department so they can check out whether there is any truth behind these messages before taking any action yourself.
- Always report suspicious or illegitimate emails to your IT department or IT provider. This can help others avoid falling victim too (and helps companies improve their IT security).
- And finally, stay up to date with the latest email threats and strategies by attending your company’s cybersecurity trainings. Here at Sereno provides regular interactive IT security awareness training, conducted remotely and online for all our clients’ personnel as part of our onboarding processes and IT security packages.
Cyber security tip 8: Keep Your Mobile Devices Secure
Mobile devices are getting more and more secure, but hackers are getting even better at attacking them too.
If you are using mobile devices for work purposes, like a smartphone, it is important to keep it secured with a strong password/pin and to only download apps from trusted sources.
- Don’t connect to unknown Wi-fi hotspots. If you do, somebody else could access, to what you’re working as well as your private login details that many apps and web services maintain whilst you’re logged on.
- If there is no Wi-Fi, use your mobile 3G or 4G mobile network, which will have built-in security.
- Be wary of phishing attempts via phone calls and text messages. Mobile devices are often targeted by cybercriminals since they usually contain a wealth of personal and corporate data.
- Same as your computer, keep your phones, tables up to date with latest updates that contain critical security updates to keep the device protected. At some point, these updates will no longer be available (as the device reaches the end of its supported life), at which point you should consider replacing it with a modern alternative.
- If you have in-house IT department or outsource your IT support, consider using a Mobile Device Management tool, such as Microsoft Intune, to apply security controls on mobiles, further securing company data – such as the ability to wipe corporate data from stolen devices, and only allowing secure approved apps to be installed etc..
Bonus cyber security tip: Set up an emergency communication plan
And finally, onto our last and bonus tip: You shouldn’t only have one plan for what happens if the internet goes down, or your devices are stolen.
If you happen to encounter a cybersecurity threat or get hacked (hopefully not if you follow these cyber security tips), it’s important to ensure that both you, your work colleagues and any users under the same network, know what to do in case of an emergency. So create a plan with them and make sure everyone is on board with it.
By some counts, there are around 65,000 attacks per day on small and medium businesses (SMBs) in the UK, making an emergency communication plan in the event of an attack, even more important. It can be as simple as including:
- An out-of-office email that lets anyone who needs to reach you know that there is an issue with your technology (and hopefully not something more serious).
- A contact number for someone from your IT department or Outsourced IT provider who can help fix any IT problems immediately or even lock and wipe compromised data.
