Work From Home: Securing Your Computer and Network

Malware, ransomware, phishing emails, and social engineering; all these can cost a business millions of dollars. With how companies and employees are rapidly adopting digital work, it is important that they protect themselves from increasingly sophisticated cybercrimes. In fact, since the start of COVID-19, cybercrime has increased 600% in 2020 alone.

Cyber awareness starts with the individual. A network is only as strong as its weakest link. Therefore, if employees are not aware of these things, a business will eventually be compromised. With work from home, employees need to be more vigilant than ever. Home computers and networks are factors that need to be taken into account. Therefore this blog will focus on protecting an individual’s home network and computer.

  1. Always Connect to a VPN
  • Whenever an employee is on their work computer outside the office, they should be connected to a VPN. Only when an employee is connected to the VPN are they allowed to access a company’s internal network. This adds an additional layer of security. Individuals must log in AGAIN using a username and password before their computers can access the internet. Public WIFI and home networks can be compromised by hackers, a VPN allows a secure connection.
  • For personal use, it is also recommended to connect to a secure VPN. Services like Tunnelbear provides a cheap and secure VPN service for as little as $4 a month.
Logging In With the Cisco AnyConnect Client - Guide to Two-Factor  Authentication ยท Duo Security
Cisco AnyConnect is a perfect business VPN for employees to connect to

2. Strong WIFI password

  • This is something simple yet many people working from home do not do it. For example, older individuals and families would use simple and easy-to-remember passwords. Home phone numbers or family names are simple passwords that many people like to use. This is NOT recommended. A password should be at least 8 characters long with 1 upper-case, one lower-case, and a number. Your home router should be secured with WPA2 encryption and WPS should always be turned off.
  • Ambiguous WIFI names (SSIDs) are also important. Identifying your address OR who you are through your WIFI name is not recommended. Do not name your WIFI SSID “Huang’s family” or 1234MainStreet”. This allows hackers to identify who you are instantaneously. Keep it ambiguous like “SHAW-4431AB” OR “TELUS-1155AB”

3. Download an Adblock on your Browser

  • This may be controversial to some but having an Adblock installed on your browser blocks malicious ads and popups. Many online ads/popups are glorified phishing attempts and malware. By removing them completely from your sight, you will less likely to interact and open malware. I recommend uBlock Origin.

4. Create a work specific browser account

  • For employees, they may need to access Salesforce or other internal tools. To make life more efficient, many people would bookmark websites and save passwords onto their browser. To separate work and personal life, create a work account to store all bookmarks and passwords. Then secure it with multi-factor authentication.

5. DO not reuse passwords and change your password every 90 days

  • Another common thing individuals do is reusing passwords. An average person could have a dozen to two dozen passwords to remember. Work email, personal email, bank account, iCloud account, and etc are all highly vulnerable things that need to be secured. Do not use the same password for anything.
  • But how does one remember all these passwords? Install a password manager
Chrome is integrating the Google Password Manager UI natively
Google Chrome offers an internal password manager that automatically creates and saves passwords whenever you signup to a new website.

6. Keep your Computer Updated

  • Vulnerabilities against your personal and work computer are created everyday. Hackers have compromised secure operating systems like Windows and Mac through viruses with ease. It is crucially important that individuals update their computers. Windows users should have the latest version of Windows 10 installed. Do not use older operating systems like Windows XP, Vista, or 7. This goes is also true for Mac Turn on automatic updates and schedule them at midnight.

7. Antivirus

  • Another simple thing to do is to install an antivirus on your computer. Windows 10 makes it even more simple to do by having a full suite of antivirus products completely free for Windows 10 users. Make sure all your Windows Security features are turned on at all times.
Windows Defender Security Center
Windows 10 provides a lot of security features for free

8. Seperate Your Work Computer From Your Personal Computer

  • Do not use your work computer to do online shopping and do not use your personal computer to access salesforce. Similar to how many people keep their work life and personal life seperate, this should also be the case for your computers. By keeping things seperate, there is no cross contamination. No personal information is stored on your company’s servers and no corporate login credentials are stored on your personal computer.

9. Do Not Open Phishing Emails

  • It is easier than it sounds, but opening phishing emails are one of the most common ways individuals and companies get hacked. This is partially the responsibility of both the individual and the company. Cybersecurity personnel should always block incoming emails from any domain other than domains from the allowed filters. That includes company emails or even emails from contractors.
  • Individuals should be hyperaware of where an email is coming from. Look at who the email is from, grammar mistakes, and the hidden links in the email.
coronavirus phishing email scam
A phishing email regarding the coronavirus

10. Education

  • Cybercrime and attacks are constantly evolving. It is important to continually learn about this topic. Companies need to invest in new firewalls and network security software. Protecting yourself and your business will save you money and stress. Constantly learn about new phishing attacks and social engineering tricks. Report any potential cyberattacks to your company’s security team or the authorities if you were hacked. All this will go a long way.

Add a Comment

Your email address will not be published. Required fields are marked *