With so many employees working from home for the first time, it’s easy to get caught up in the stresses of adapting to digital work. From learning the etiquette of Zoom calls to figuring out how your time tracking apps work, you’ve got a lot to figure out.
Understandably, the last thing on your mind when you’re stressing about setting up all of your equipment at home is the security risk that comes with remote working.
The truth is that remote working makes companies more vulnerable to cyber-attacks. When you’re in the office, the IT team is constantly working to secure the company network and respond to any potential threats. And remind you for the fifth time, Greg, that you need to change your password every month.
However, when you’re working at home, you don’t have the IT team securing your network. You’re using a pretty insecure home network, and cybercriminals know it. Cybercrime incidents have risen by 600% over the last year, and a large part of that is driven by the rise in remote working.
So, let’s take a look at how you can keep your digital workspace secure with these work from home security awareness tips.
Keep Work on Your Work Devices
If you’ve been provided with a work laptop, then there’s a good chance it’s already been pre-installed with antivirus software, encryption protocols, and other security measures. While it’s tempting to log into your work email on your phone before bed, your personal devices won’t have the same protections in place. They might even already be infected with malware without you knowing - which is more common than you might think.
Using your personal devices on your work network, or even to view work data, introduces a huge cybersecurity risk. So, for the sake of your mental health and your company’s security, keep work data on your work devices.
Use Two-Factor Authentication
Sure, two-factor authentication (2FA) makes logging in a bit more of a chore. However, the IT team doesn’t ask you to do it because it wastes your time. You need 2FA because it makes it far harder for hackers to compromise your system or accounts.
2FA isn’t impenetrable by any means, and even physical 2FA keys can be stolen. It’s far better than securing all of your accounts with a single password, though.
Use Strong, Unique Passwords for Every Account
Speaking of passwords, you need to have a strong, unique password for every account. We know that the whole “8 characters, one capital letter, and one special character” requirement is a meme these days, but it’s the best way to keep your account secure. Research shows that a 12-character password takes 62 trillion times longer to crack than a 6-character one.
We recommend using a password manager like LastPass to securely save these passwords because they can be hard to remember. Most password managers also have secure password generators.
Always Install Updates
We’ve all clicked “Not now” on updates that come up on our devices, but it’s vital to install updates as they come out on the devices you use for work. It takes a bit of time out of your day, but it ensures your devices always have the latest security patches.
Always Be Suspicious
Whenever an email lands in your inbox, even if it seems to be from one of your colleagues, you should always consider the possibility of a phishing attempt. Cybercriminals are becoming more sophisticated and can easily spoof emails or hijack email chains to insert malicious links or documents containing malware.
If the email has poor spelling, comes from a public email domain, makes you feel like you have to take action immediately, or you just weren’t expecting an email containing a file attachment, send it straight to your junk folder.
Secure Your Router
Home routers are known to be far more vulnerable than corporate-grade networking devices, so you must secure them as much as possible.
Before you even log in to your work network at home for the first time, peel off the password sticker from your router and save the data in a password manager, if you need it. You should also change the password the router came with, as these are typically easy to crack. There’s a full guide on how to secure your home router here.
Don’t Use Public WiFi
It can be tempting to head to your local bar or coffee shop for a change of scenery, but under no circumstances should you use public WiFi without any protection. You never know who else is using the network and if they’re snooping on your data.
Plus, when you’re using your work devices in public, anyone can physically look at your screen and take note of any proprietary information or other data like usernames and passwords. So, we recommend not using public WiFi networks if you can avoid it.
Use a VPN
A VPN, or Virtual Private Network, serves to encrypt your data and route it through secured servers so it’s fully protected between you and the destination server.
If your workplace has provided you with a VPN, make sure you constantly have it running while you’re working.
However, if you don’t have one provided, we recommend purchasing one for use anyway - just make sure you clear it with the IT team first! Look for a VPN with military-grade, or 256-bit encryption, and a kill switch that cuts your internet connection if you lose your connection with the VPN server.
Working from Home Security Awareness: In Summary
Hackers and cybercriminals are taking advantage of this new wave of remote workers, so it’s everyone’s responsibility to stop them from finding a way into your company’s network. By following these eight tips, implementing security awareness training, and ensuring you stay compliant with your workplace’s cybersecurity policies, you can help stop your company from being the next big ransomware or data breach victim.