The COVID-19 pandemic has dramatically changed the way we work. Many of us have had to get used to working from home for extended periods of time. What does this mean for information security? The cyber threat landscape moves at lighting speed.
We need to stay vigilant and focused to avoid becoming victims of a scam or phishing attack. If you’re wondering what you can do to secure your home office, you’ve come to the right place. In this article, we will share some basic advice and security considerations for your new lifestyle.
Start with your device
First of all, what devices are you currently using to work from home? Is it your personal machine or your company’s? Are you using a phone configured and managed by your employer or your own? Do you connect with your work server from this machine?
Apply the same policies that you would apply in your office:
- Lock your screen or set it to lock automatically when you’re not around.
- Encrypt your hard-drive.
- Don’t let anyone else use your computer.
- Install a virus scanner.
- Make sure your device is safe for work.
Now that we covered the basics, let’s look at your internet connection
Routers are standard equipment in most households. As Wikipedia tells us, a router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the internet. This means all your traffic goes through your router (to your work machine, phones, tablets, laptops, and more.) The right kind of router may also protect you and your devices from cybercriminals. It’s crucial that you keep it secure.
So how do you do this?
Go to your router's settings. If you don't know how to do this, look at the device to identify the brand and model number. Then, look up the brand and model online to find out how to access the settings. Once you do this, we recommend that you:
- Change the password. Use a minimum of 15 characters. When you change the password all your devices will have to reconnect to the router, kicking out unwelcome visitors.
- Make sure that your router is always updated. Additional patches and updates could be necessary to ensure that known vulnerabilities are dealt with. This way, they are less likely to be used by cybercriminals. The process varies from router to router, check the documentation or the official support site in order to find out how to do this.
- Disable remote access. This function is designed to make remote access from outside your home easier. However, this increases the risks and we recommend that you disable it.
- Disable Universal Plug and Play (UPnP). This function can be used by cybercriminals to get access to your router's security settings.
- Disable Wi-Fi protected setup (WPS) to prevent unauthorized devices to gain access to your network.
- Organise your networks. We recommend you to have one network for work, one for guests and one for the rest of your devices.
Always use secure passwords
Last but not least, use secure passwords and change them regularly (at least once per year). The longer they are, the better.
- We recommend 15 characters or more.
- The complexity of the actual password is also important (use a mix of special characters, upper and lower-case letters and numbers). Make sure that you don't use one of the "top-10-most-used-passwords" in the world.
- Always use multi-factor authentication where the option exists.
- Always change the standard passwords when you buy something new.
- Never use the same password for different apps or websites. If you need help remembering them, use a password manager like LastPass, 1Password and KeePass.
- If you are unsure whether your account has been compromised, you can check a service like “have i been pwned” and then change your password immediately.
We hope these tips are helpful to stay secure in your new work environment! #VismaSecurityAwareness