We’re going to give you some tips on how to stay secure while working from home. We’ve also included some bonus tips about keeping your employees secure.
Here’s a quick summary:
- Use a VPN
- Fortify Your Home Network
- Separate and Secure Devices
- Secure Your Login
- Watch out for Phishing
Let’s get started.
1. Use a VPN
If you’re anywhere besides your office, it’s important to use a Virtual Private Network (VPN). A VPN is like secure tunnel that masks your data and IP address. It can protect you from hackers and others while you access the internet.
How a VPN Works. Image: AT&T Cybersecurity
When it comes to working from home, you should use a VPN to protect company information that is being transmitted. This is especially true if you are connected to a public wireless network.
2. Fortify Your Home Network
Leaving default settings and ignoring best security practices can leave your home network vulnerable to attacks. At a minimum, we recommend doing the following:
- Change the name of your network. Your router comes with a default name that will show what type of router it is, making it easier to hackers to exploit it. When changing the name, avoid using personal information such as your first or last name. Learn how to change the network name, also known as the Service Set Identifier (SSID), here.
Example of network settings for your router. Image: Lifewire
- Create a unique password for your network. Your router will also come with a default password that you can use to access the network. These are pretty easy for cyber criminals to guess, so try changing it as soon as possible.
- Enable encryption. You might have noticed that wireless networks have WEP, WPA, and WPA2 security options. Currently, WPA2 is the best option out of the three. Your network is probably using it already, but see how to enable WPA2 encryption.
3. Separate and Secure Devices
Many people rely on their personal computer to work from home. This can be risky, as the device may be unsecure or already infected with malware. Having a separate computer for work is the safest option. Avoid accessing your social media and personal email on your work computer and keep work data on your work computer.
Any time you are away from your device, be sure it is locked and password protected. Nobody should be able to access or use your work device.
For malware protection, use anti-virus software. If you’re on a Windows machine, you can use Windows Defender. As a remote worker, run scans often – try for once a day.
4. Secure Your Login
To prevent cyber-attacks, add more layers of security to your login. Here’s how:
- Use long and unique passwords for every login
- Enable two- or multi-factor authentication
Every password should be 12+ characters with a mix of upper and lowercase letters, numbers, and symbols. See below for a guide.
How to Create a Strong, Complex Password. Image: KnowBe4
Using a unique password for every account that you have can get confusing, so we recommend using a password manager. It will securely store your information and even generate strong passwords for you.
Many programs have the option for multi-factor authentication, which is as simple as connecting your cell phone, email, or an authentication app. If you have the option to add more than one authentication method, do so for the maximum amount of security.
5. Watch out for Phishing
Phishing is at an all-time high since 2019 and continues to get more complex. Be on high alert for unsolicited, strange, or demanding emails. For example, if you get an unusual email to pay an invoice, reach out to that person directly via phone to see what’s going on. Their email might have been compromised.
Your organization might provide training, but if not, there are resources online to help you learn about cybersecurity. Check out these videos for some security awareness basics.
Here are some tips for helping your employees stay secure while they work remotely:
- Review access. Depending on your industry, you may or may not want all employees to have remote access to company files. Review it often, or as soon as a request is made, to ensure only authorized users have access.
- Provide security awareness training. One of the best investments you can make is security awareness training for all employees. We focus on phishing, one of the most effective cyber-attacks. Learn more about it here.
- Supply company computers. As discussed previously, you should try to supply employees with their company computers and have your IT department set it up for you. This can eliminate some risk assuming that the employee only uses the work computer for its intended purpose.
Any questions or comments? Feel free to contact us.