The third or fourth week of compulsory working from home is in full swing for a large part of the world. Most home workers are starting to find their niche, and although it is not always ideal, working from home does ‘work.’ But is that working from home safe enough? In this article, some general security tips from the security specialists of True. What can you do as an employee to work safely remotely?
Why work from home safely?
It is straightforward. The Public Prosecution Service expects more cybercrime shortly, which is mainly due to working from home. Public prosecutors are hoping cybercriminals to use this time to undertake the ‘regular procedures’ of organizations.
Safe digital working is a priority, of course, at all times, but because not all companies have 100% working from home, it is more important than ever to pay attention to its security. We have selected some general tips for you. Depending on what your organization looks like and what rights you have, a large part can still be applied today.
Six safe home working tips
In America, they now also work at home. The Federal Trade Commission (a kind of government variant of the Consumers’ Association) has written a manual about cybersecurity in smaller companies. We took this document as a base and added some additional guidelines.
Always follow the security guidelines of your organization!
The most important tip we have is first to check whether your organization has existing guidelines. Many organizations, especially the larger ones, have extensive documentation on how to handle safety. Many of the things we write in this blog post may be there. So always use that security guideline as a starting point.
Does your organization have no guidelines, or can’t you find them? Then check with the person or persons responsible for IT within the organization to be sure. We also recommend that you submit the tips from this blog post to that person before actually implementing them. Sometimes your organization may have already set up something for you.
Are you self-employed, or do you have a lot of freedom in how you organize your work? Then take advantage of it.
1. Updating software
Vulnerabilities or bugs are regularly found in software. The disadvantage of this is that the software no longer works properly or worse: that a malicious person can abuse it to, for example, access your laptop, and thus essential data from your employer.
Fortunately, most software builders are focused on preventing this. They regularly come with updates or patches to fix the vulnerability.
In most cases, it is recommended to update as soon as possible or even to set automatic updates. Do this for software such as your operating system (laptop, PC, smartphone, and tablet), applications, and web browsers, but also, for example, for online networks such as WordPress. The general rule is to update as soon as possible so that no one can take advantage of the vulnerability.
Of course, there are also exceptions to this. For example, if the update or patch compromises the operation of your software. The IT people in your organization know how to do this. So ask them for advice.
2. Encrypting devices
Most devices have the option of encryption (also known as encryption). Simply put, encryption ensures that the data on your device is under lock and key. You can only reach it if you have the key to unlock the lock.
Your device data is packaged in a human-readable, decrypted format. Data can be reread only after decryption, and most devices contain these mechanisms.
3. Enable basic security settings by default
The FTC recommends that you turn on the use of passwords, PINs, and things like fingerprint authentication or facial recognition as standard.
A password is required for most devices, but additional options are not always included. So check carefully what is possible for your devices in the settings. You may have unchecked some default options during installation. Now is an excellent time to take a closer look at them and turn them on again. Provided they can be used on your device, of course.
4. Use a password manager
Are you bad at remembering strong passwords? Then a password manager offers a solution. A password manager is a software in which you store all your passwords.
The password manager can only be opened with a master password (and with additional login methods, such as two-step verification).
That may sound very unsafe when you first hear it, but the opposite is exact. It is much more challenging to remember all your passwords yourself. For convenience, you can choose a password that already resembles something or maybe even the same password. And that may be another password that was once leaked.
On the Dark Web, many of these lists are freely available, and specialized software allows malicious parties to use them to log into your accounts. With a password manager, you largely prevent this, because this software can generate robust passwords for you that are difficult to crack due to the unique software of malicious parties.
5. Two-stage authentication or multi-factor authentication
In addition to the standard password, two-step verification and multi-factor authentication have also increased in recent years. Two-step verification means that you always need a second (and sometimes even third) device to log in—for example, your smartphone.
With two-step verification, you will see an extra field after logging into a website or web application. Via SMS, QR code, or select apps such as Google Authenticator, a code is generated that is unique for that login session.
With multi-factor authentication, a third aspect is often added, namely your biometric data. In that case, for example, you must log in with a) your password b) an automatically generated code on your smartphone and c) your fingerprint.
It may sound cumbersome, and you have to get used to it, but after that, it is quite simple. The great thing is that you can often use authenticator apps for all your online services, such as your social media.
More and more services are also adding two-stage or multi-factor authentication, making the web a little bit safer for yourself step by step.
6. Beware of cheaters
The last tip for employees is arguably one of the most important and also one of the most difficult to get good at because of pay close attention to cheaters.
Especially now, in times of the corona crisis, malicious parties try to extract essential data from employees or to gain access via so-called phishing mail. These emails seem to come from a reliable source, but when you click on the link of the email, malware is then installed.
Digvijay Rajddan is Marketing Manager at Design By Lavassa and has served as the Head of Conversion Marketing at Planet Web Solution. He’s an expert in inbound marketing and lead generation.