Working from home has become the norm for most companies in Toronto. Many predict that remote working will continue remain prevalent across multiple sectors into the future.
While working from home is convenient and has many benefits, it also exposes both individuals and businesses to a range of cybersecurity risks. That’s why it is essential to give serious consideration to home cybersecurity. By following best practices, you can mitigate most cybersecurity work from home threats quite easily.
1. Stay Consistent On Updates
If you’re alerted about a software update on any of your devices, be sure to install the latest software as soon as possible. Software updates (including those for antivirus programs) fix security flaws and help safeguard your data.
On your smartphone, it’s important to pay attention to notifications you receive for operating software updates and for changes that affect your apps, especially if you use a single phone to manage both your work and your personal life.
2. Don’t Turn Off The VPN
You may be accessing your employer’s network through a VPN, or virtual private network. A VPN secures information transmitted between employer and employee through what’s known as data encryption. It’s designed to prevent cybercrooks and cyberspies from intercepting sensitive data, such as financial documents and customer information.
If you’re using a VPN on one of your devices, don’t turn it off when you’re working. Otherwise, you’ll lose a tool that could block an attempt to steal proprietary information.
Also, be sure to avoid using public Wi-Fi networks when you’re accessing work-related accounts, unless you’ve signed in to your employer’s VPN.
3. Use Secure Passwords
Time and time again we see user passwords treated with minimal to no security. They are kept in plaintext, reused again and again by employees, and left to fend for themselves in the form of single-factor authentication. This practice has resulted in billions of dollars stolen and enormous data breaches from which it takes organizations months, sometimes years, to recover, say Microsoft.
Your devices should require entering a password before anyone can use them. Your Wi-Fi network and router, which connects your internet-enabled wireless and wired devices, also should be password-protected. You should be sure to switch your router’s password from the default setting to a unique setting.
We recommend creating a strong, lengthy password for every online account you log in to on an employer-issued device. Norton says a password should be at least 10 characters, excluding real words or personal information (like a birthdate).
“By combining uppercase and lowercase letters with numbers and special characters, such as ‘&’ or ‘$,’ you can increase the complexity of your password and help decrease the chances of someone potentially hacking into your account,” Norton says.
Caution against using passwords that repeat numbers (000000), or contain sequences (123456) or are frequently used. Common passwords include “password,” “test1,” “qwerty” and “iloveyou.”
4. Use Multi-Factor Authentication
Multi-factor authentication is a process in which users are prompted during the sign-in process for an additional form of identification, such as a code on their cellphone or a fingerprint scan. Providers such as Microsoft offer Multifactor authentication (MFA) adds a layer of protection to the sign-in process. When accessing accounts or apps, users provide additional identity verification.
If you only use a password to authenticate a user, it leaves an insecure vector for attack. If the password is weak or has been exposed elsewhere, an attacker could be using it to gain access. When you require a second form of authentication, security is increased because this additional factor isn’t something that’s easy for an attacker to obtain or duplicate.
5. Look Out for Phishing Scams
Cybercriminals are capitalizing on the remote-work wave to flood inboxes with fake emails.
Cybersecurity experts warn, . “These emails are designed to take advantage of people’s curiosity and thirst for knowledge about pandemic-related topics,” MonsterCloud says.
Norton offers this example: You receive an email that seems to be from your company about a new corporate policy regarding the coronavirus. But the email is actually part of a phishing scam. The email includes an attachment or embedded link that the scammer wants you to click on. That click could unleash malware onto your device. As such, be careful about clicking on any attachments or links in any email.
Scammers send phishing emails that appear to be from a trusted organization, such as an employer, in order to steal account numbers, passwords and other sensitive information.
Most of the things that they could gain access to could absolutely make life miserable for you.
6. Keep Your Devices Separate
Let’s say you watch Netflix shows on your tablet, pay bills on your home laptop and do work on your employer-provided laptop. If so, keep it that way. When you do work tasks on your home laptop, for instance, you might be jeopardizing sensitive business data if your personal laptop lacks the proper security.
In addition, family and friends shouldn’t be allowed to use your employer-issued devices.
Coleman notes that the various personal and work devices we use at home are tempting targets for cybercriminals. To make matters worse, those devices may be getting more of a workout these days, with kids learning remotely and adults working remotely, he says.
“It’s not unlike any other disaster that we’ve seen since we’ve been relying on technology. Bad actors take advantage of a crisis. A global pandemic is a crisis,” Coleman says. “They’re going to take advantage of this because they know so many more people are online. There is a target-rich environment that bad actors see these days.”
7. Enable Automatic Locking
If you walk away from your device at your home office, coworking space, or a coffee shop, you should lock it. The issue is as humans, we forget. When we do, automatic locking is there to protect our unattended devices.
Make sure to configure an amount of time that while convenient is not unreasonably long, such as 30 seconds for mobile devices and five minutes for laptops. Automatic locking is enabled by default on most modern devices.
The Bottom Line
The freedom that comes with working from home in Toronto is accompanied by a responsibility to maintain security standards that would normally be provided for you when you work in an office. By developing good habits—such as establishing strong passwords, using multi-factor authentication and performing regular software updates—you can help provide the secure environment your work deserves. Pace offers Cybersecurity that makes you feel safe again.
- Eliminate Exposure To Cyber Threats
- Educate & Train Your People
- Enhance Your Security Defenses
- Protect Your Business Assets