Work From Home: Securing Your Computer and Network
Posted On April 7, 2021
Malware, ransomware, phishing emails, and social engineering; all these can cost a business millions of dollars. With how companies and employees are rapidly adopting digital work, it is important that they protect themselves from increasingly sophisticated cybercrimes. In fact, since the start of COVID-19, cybercrime has increased 600% in 2020 alone.
Cyber awareness starts with the individual. A network is only as strong as its weakest link. Therefore, if employees are not aware of these things, a business will eventually be compromised. With work from home, employees need to be more vigilant than ever. Home computers and networks are factors that need to be taken into account. Therefore this blog will focus on protecting an individual’s home network and computer.
Always Connect to a VPN
Whenever an employee is on their work computer outside the office, they should be connected to a VPN. Only when an employee is connected to the VPN are they allowed to access a company’s internal network. This adds an additional layer of security. Individuals must log in AGAIN using a username and password before their computers can access the internet. Public WIFI and home networks can be compromised by hackers, a VPN allows a secure connection.
For personal use, it is also recommended to connect to a secure VPN. Services like Tunnelbear provides a cheap and secure VPN service for as little as $4 a month.
2. Strong WIFI password
This is something simple yet many people working from home do not do it. For example, older individuals and families would use simple and easy-to-remember passwords. Home phone numbers or family names are simple passwords that many people like to use. This is NOT recommended. A password should be at least 8 characters long with 1 upper-case, one lower-case, and a number. Your home router should be secured with WPA2 encryption and WPS should always be turned off.
Ambiguous WIFI names (SSIDs) are also important. Identifying your address OR who you are through your WIFI name is not recommended. Do not name your WIFI SSID “Huang’s family” or 1234MainStreet”. This allows hackers to identify who you are instantaneously. Keep it ambiguous like “SHAW-4431AB” OR “TELUS-1155AB”
3. Download an Adblock on your Browser
This may be controversial to some but having an Adblock installed on your browser blocks malicious ads and popups. Many online ads/popups are glorified phishing attempts and malware. By removing them completely from your sight, you will less likely to interact and open malware. I recommend uBlock Origin.
4. Create a work specific browser account
For employees, they may need to access Salesforce or other internal tools. To make life more efficient, many people would bookmark websites and save passwords onto their browser. To separate work and personal life, create a work account to store all bookmarks and passwords. Then secure it with multi-factor authentication.
5. DO not reuse passwords and change your password every 90 days
Another common thing individuals do is reusing passwords. An average person could have a dozen to two dozen passwords to remember. Work email, personal email, bank account, iCloud account, and etc are all highly vulnerable things that need to be secured. Do not use the same password for anything.
But how does one remember all these passwords? Install a password manager
6. Keep your Computer Updated
Vulnerabilities against your personal and work computer are created everyday. Hackers have compromised secure operating systems like Windows and Mac through viruses with ease. It is crucially important that individuals update their computers. Windows users should have the latest version of Windows 10 installed. Do not use older operating systems like Windows XP, Vista, or 7. This goes is also true for Mac Turn on automatic updates and schedule them at midnight.
Another simple thing to do is to install an antivirus on your computer. Windows 10 makes it even more simple to do by having a full suite of antivirus products completely free for Windows 10 users. Make sure all your Windows Security features are turned on at all times.
8. Seperate Your Work Computer From Your Personal Computer
Do not use your work computer to do online shopping and do not use your personal computer to access salesforce. Similar to how many people keep their work life and personal life seperate, this should also be the case for your computers. By keeping things seperate, there is no cross contamination. No personal information is stored on your company’s servers and no corporate login credentials are stored on your personal computer.
9. Do Not Open Phishing Emails
It is easier than it sounds, but opening phishing emails are one of the most common ways individuals and companies get hacked. This is partially the responsibility of both the individual and the company. Cybersecurity personnel should always block incoming emails from any domain other than domains from the allowed filters. That includes company emails or even emails from contractors.
Individuals should be hyperaware of where an email is coming from. Look at who the email is from, grammar mistakes, and the hidden links in the email.
Cybercrime and attacks are constantly evolving. It is important to continually learn about this topic. Companies need to invest in new firewalls and network security software. Protecting yourself and your business will save you money and stress. Constantly learn about new phishing attacks and social engineering tricks. Report any potential cyberattacks to your company’s security team or the authorities if you were hacked. All this will go a long way.