With the COVID-19 pandemic sweeping across the globe, maintaining a secure environment while working remotely has never been more important. This pandemic has created many new opportunities for cyber-criminals to exploit unsecured technology systems. Hackers are taking advantage of the current work environment to exploit vulnerable attack vectors in order to reap a reward. Because of this threat, employers and employees alike need to dedicate extra time towards securing the technology all employees use, especially in the InfoSec field.
Given the current working circumstances for many employees, we at PlexTrac have compiled a “How To” list for remote employees to follow. Following this list will help maximize your Cybersecurity level and minimize the vulnerability of your working environment. The complete list can be viewed below.
One of the most pressing areas you need to secure when working remotely is your Internet connection. The Internet is not only your key to the outside world and your work, but is also the outside world’s key into your devices. We recommend working on a private network with a non-default and complex password at the very least. However, if you are working with a mass of confidential and valuable information on a daily basis, we strongly recommend using a virtual private network (VPN) for your work computer.
A VPN is defined as “an extension of your private network across a public network, and enables users to send and receive data across shared or public networks as if their devices were connected to a private network”. Establishing a VPN creates an extra layer of security for your device. A VPN also ensures that even if a hacker breaches your Wi-Fi connection, they won’t immediately have an access point to your valuable work device.
The next bit of advice we can give is to maximize the security you have on work devices. On top of using a VPN, you can take a number of actions as an employee to ensure your devices are safe and secure. One of the first is to check that the software on your work device is up-to-date and running smoothly. Updating your software ensures bugs relating to security and vulnerability are all patched. This step is especially important with 3rd-party software, because software downloaded from the web has an exponentially higher vulnerability rate when compared to 1st-party software.
Installing and maintaining a firewall is also important for maximizing your security. Firewall programs like Norton, Comodo, TinyWall, and more all offer great services that help protect your device from outside Internet attacks like malware. Your devices usually have a default firewall in place as well, so ensuring your device firmware is up to date is also key to a maximized security posture.
Another way to maximize your device security is to use complex and varying passwords. While your password being set as “password” may save you time in the morning and is easy to remember, it’s also easy to guess. This sort of lazy security posture will guarantee an easy day at the office for a hacker. Simply take some extra time to develop complex passwords and memorize them, or store them safely away from devices, and your accounts will be more secure for it.
A complex password needs to be a minimum of 8 characters long, and it’s also recommended that is uses at least three of the four types of characters: lower-case letters, upper-case letters, numbers, or special characters (examples include !, $, @). You will also want to use more than one password on your varying work accounts. Varied passwords ensure that even if a hacker obtains one of your passwords, they do not have access to your full suite of data.
Multi-factor authentication (MFA) is an authentication method in which a computer user is only granted access after successfully presenting two or more pieces of evidence to an authentication mechanism. Multi-factor authentication for your vital account is crucial because hackers will need two access points to fully obtain control of your accounts. MFA means hackers will have to work twice and hard to get the same information they usually would have obtained with a typical password or breach.
Many websites and platforms are now requiring multi-factor authentication. However, even if the website you use doesn’t we still recommend setting it up for as many accounts as you can. Although it might be seen as cumbersome and time-consuming to always authenticate through more than one medium, this security implementation will do wonders for your personal security posture. A minor inconvenience for you could mean the difference between another day in the (home) office and an expensive and costly data breach.
The last piece of advice we can give to maximize your cybersecurity is to adjust your personal behavior. While ensuring your hardware, software, network, and more are all secure is vital to your overall cybersecurity level, your behavior on these systems is just as important. Non-work websites and links are one of the leading causes of vulnerabilities that hackers exploit, and these websites can only be reached if you’re surfing the web in a carefree manner. Delegate your social media scrolling and video game playing to your personal devices, and use your work devices only for employer-sanctioned, work-related web browsing.
Social engineering and phishing are another way hackers breach your systems, so knowing what behavior to look for and avoid is vital to your working environment. Hackers often pose as employees, IT workers, other companies, or even family members in email attacks. However, these attacks and many others are easy to spot if you’re educated and know the signs to look for. One of the best ways employers can make this information universal and common place is to send out an “Acceptable Internet Behavior” handbook for your employees to read and follow.
Cybersecurity is hard to maintain, even in a technologically advanced office building. This maintenance becomes even harder at home, a place more vulnerable to outside intruders and attacks. These tips should help to maximize your cybersecurity and protect you from external threats. After all, your remote work transition is likely hard enough on its own.