Working from home is becoming the “new normal” for many people affected by the global pandemic. As we get more comfortable meeting via video chat and tuning out the sound of the dishwasher, it is important to stay aware of the risks that threaten the privacy and security of yourself and your organization. Misconfigurations on your machine or perimeter network could leave your data exposed to dangerous cybersecurity threats. In an ideal scenario, your company would provide you with a managed device, pre-configured with security software and controls, but that can be prohibitively costly or significantly increase administrative overhead.
Outside of establishing a routine, a dedicated workspace, and finite working hours, there are a few other essential items to consider as you begin working from home in the long-term. You must adequately protect your systems from unauthorized access. Use the following guidance from ProCircular to configure a more secure and resilient work-from-home set-up, and reduce the risk of cyber threats in this new frontier of remote business!
Secure Your Wireless Network
Misconfigurations in your wireless network allow for easy access into your home network, or even a corporate network. You can reduce the risk of misconfigured wireless networks by using the following set of best practices:
Proper equipment for your home wireless network is crucial to secure connected devices. There are many different kinds of wireless network equipment available at big-box stores or online retailers, but most of them have very similar functionality. Many new systems are considered an “all-in-one device” with advanced security features, such as a built-in firewall. Regardless of brand, the wireless router should support Guest Networks and Isolation and WPA2/WPA3 Encryption. You may even consider asking your employer to reimburse you for the more secure, updated, wireless network hardware!
It is not enough to purchase the latest and greatest hardware. The default settings that come pre-configured on the product may expose sensitive information to attackers. ProCircular recommends taking the following precautions when securing your home wireless network:
- Change Default Passwords: Default passwords are one of the most commons ways for attackers to gain access to your wireless network.
- Change the Wireless Network Name: Configure your wireless network name to be unique. Default network names frequently pique an attacker’s interest and can be a “quick win” with minimal effort.
- Wireless Password: Enable WPA2/WPA3 with AES encryption, and secure it with a long passphrase. The days of “123456” securing your network are long gone! Refrain from using WEP to secure access to your home network.
- Firmware Updates: Just like computers, wireless routers require updates to keep them safe from attackers. It is simple, yet imperative, to keep these systems updated.
- Enable a Guest Network: Newer hardware and wireless routers are capable of enabling “guest” access. This type of access keeps your devices secure from visitors, children, and even those necessary Internet of Things (IoT) devices.
Do your best to refrain from connecting to untrusted wireless networks, although that may not always be feasible. If you are in a public area, such as your favorite coffee shop, you can protect your internet connection and data from prying eyes and attackers by using a Virtual Private Network (VPN). Ask your company to provide you with a secure VPN for work tasks. Additionally, you can subscribe to a personal VPN service, such as Private Internet Access, for a minimal fee.
Secure Your Computer
If you are lucky enough to have been provisioned a corporate machine, that is FANTASTIC! If you are stuck completing the duties of your job from a personal computer, the following tips can decrease the likelihood and risk of cyber threats reaching your personal or corporate data.
Enable Automatic Updates
Each operating system has an automatic update feature to provide timely security updates and protect the system from vulnerabilities that have been identified and remediated by the manufacturer. Confirm your update settings are enabled to “automatically download and install.” The guides linked below can help you find the appropriate update settings on the most common desktops and laptops:
Endpoint Security Software
Purchase and install a home anti-virus software. Microsoft has started to include anti-virus by default on most newer computers; however, an additional layer of protection can help supplement the default software. Consider installing a solution that has real-time protection features, such as PCMatic, MalwareBytes, or similar. You may even consider asking your employer if they have a license they can assign to you.
Dedicated Computer Usage
It is your computer, refrain from sharing it with other family members or friends, especially if you use it to conduct work business. Minimize the number of users and manage which sites are visited to ensure security.
Full Disk Encryption
Advanced Steps / Protections
These last simple steps minimize the risk of unauthorized access to your data, even after you reach a baseline level of cybersecurity protection. General cyber hygiene should include the following:
- Password Vaults: Consider using a password manager, such as LastPass or 1Password, to help generate and securely store credentials for your personal and corporate accounts.
- Multi-Factor Authentication (MFA): For any account that supports it, especially your company accounts, enable MFA to enhance authentication to websites and systems.
- Lock Your Screen: When stepping away from your machine, consider locking your screen so others cannot access the system without your knowledge. This practice is especially important during work hours. Quickly lock your Windows machine by pressing the following keys simultaneously:
- Paper Disposal: If you print company data or otherwise sensitive information, consider purchasing a cross-cut shredder to dispose of the documents when you are finished.