How to Make Remote Work Secure & Efficient
When you and your team are working remotely, protecting your systems and data is of the utmost importance. The following cybersecurity advice can help protect your business from possible threats:
1. Take a picture of your computer setup before you unplug and take things to your remote work location! 📸
A quick picture of where things are plugged and arranged, including the cable setup in the back, may save you hours of frustration later. And don’t forget to use an approved cleaning agent to wipe things down before using it.
2. Updates ✅
We know, updates take time, and it’s all too convenient to click ‘Remind Me Later’. However, many vulnerabilities exist in out-of-date software and are the perfect entry-point for hackers. Particularly if you’re working from a computer you already own but don’t typically use it for office work, protect your data by ensuring your software is up to date.
3. Don’t forget the antivirus and anti-malware tools 🦠
As a follow up to number two, this may sound obvious. These tools are highly valuable and are designed to reduce risk and keep your computer safe from threat actors that want access to your company’s data. However, just like your office tools, it’s easy to postpone those time-consuming updates—ultimately leaving you at risk. If you’re using a home computer for your work and don’t have an antivirus and anti-malware solution, ask your IT team to help installing one while working remotely.
4. Uninstall unnecessary software from your personal computer 🗑
If you are using a personal computer, please uninstall software that isn’t being used. Unused software usually isn’t updated with patches that prevent hackers from entering through known vulnerabilities. By removing unwanted or unused programs, you are reducing that risk.
5. Use the virtual private network (VPN) at all times 🔗
We understand, it’s one more thing you need to do before you can work. Think of it as your seatbelt when you get in the car to drive- that extra moment it takes, could be the moment that saves your office network from an attack. And don’t forget to re-engage the VPN every time you log on. It’s easy to put your computer to sleep when you walk away, forgetting that you’ve logged off the VPN.
6. Turn off automatic Wi-Fi connections ⛔️
One easy way for hackers to gain access to your computer is Wi-Fi spoofing. Let’s say you routinely connect to ‘Nacho Wi-Fi,’ so much that to save time, you click the button that says, ‘Connect Automatically.’ A hacker can set up a portal called ‘Nacho Wi-Fi,’ and your computer may unwittingly connect automatically to that portal because it has been identified as a safe network.
7. Separate your network ✂️
When possible, connect your computer to a different network than the rest of your remote location. It may be as simple as using the company VPN to create that secure connection. If you are more technically capable, then separate your company computer from the rest of the computers in your home via a different router or firewall. If your mobile data plan allows for unlimited data, consider using the hot spot on your phone instead of a guest network or your home network.
8. Lock your computer 🔐
When you aren’t using your computer, just like at the office, lock it to keep others from accessing your company data. And while you are thinking about computer use, please remember that your company computer is for business use only. While it might be convenient to check the news or order takeout, try to limit personal use and do not allow friends or family to use your work computer. Something as simple as a local restaurant’s takeout menu could end up being a malicious file that exposes your computer to malware.
9. Create a different user account for family and/or friends 👥
If you plan to use your personal computer for working remotely, create a separate user profile for you that is different than your other family members or friends. This is a major step towards helping the company meet cybersecurity objectives.
10. Use a password manager 🗂
The goal is to avoid saving passwords in the browser that can be easily swiped. We know sometimes it’s easier to click save, use the same passwords for different sites, or forego using multi-factor authentication when offered. However, sacrificing the convenience is well worth it to avoid a security incident and loss of data. Oh, and remember that using a spreadsheet to save your passwords isn’t much better than saving them in the browser. The worst violation is having your password on a post-it stuck to your computer screen- please, avoid this at all cost!
11. Secure the DNS settings on your personal computer. 🚧
The Domain Name System is like the internet’s phonebook- whenever you enter a domain name on a browser, it looks up the IP address, and connects you to the website. Talk to your IT team about installing a software tool on your home computer that can help keep you from accidentally going to the wrong places; like infected sites or fake websites where your identity can be stolen.
12. Ensure secure browser configuration 🌐
Browser extensions can be a hotbed for computer viruses. It’s best not to use them at all, but if you must, make sure those you are not using are uninstalled. If you’re not sure how to do this, ask your IT professional. Also, keep in mind that many browsers can have vulnerabilities that open you up to a variety of cyberattacks. We recommend using either Mozilla Firefox or Google Chrome, both have the most up-to-date security.
13. Beware of phishing attacks 🎣
Threat actors, also known as cybercriminals, are looking to take advantage of you when you least expect it. Be suspicious of emails about workplace policy changes or what may look like an email from a government agency. While working remotely, receiving an email that looks like it came from your boss or CEO with a subject line that reads, “Company Coronavirus Update” may seem normal, but it may not actually be from your company. Take a moment to review who it came from (the actual email address, not the name in the display). Also, question whether this person would typically send you an email like this.
14. Use strong passwords, when possible, two-factor authentication 💪
When you create password for an account remember to use strong passwords. To make a strong password make sure to use a combination of upper- and lower-case letters, numbers, and symbols. If 2-factor authentication is ever offered, make sure to use it! It takes an extra minute to logon, but the security benefit is priceless. Remember, if you ever receive a lot of 2-factor authentication codes while you are not trying to logon, you are currently being hacked!
15. Make sure your data is being backed up! 💾
Check with your IT team to ensure that the data you use for the company is being backed up! This is to avoid any potential deletion of important files and to prevent ransomware that can encrypt all important files. This is the last line of defense for the data after the firewall and anti-virus.
Finally, a reminder to stay diligent and vigilant. Our team is here to help ensure you and your team are secure, wherever it is you’re working from.