Working from home has now become a requirement for most office workers due to the coronavirus pandemic, which has required companies to close their offices to keep their staff isolated. Whether you work from home normally, or you are forced into it but, either way, you need to be secure and don’t want to be the security vulnerability that brings the house down. Here ARE 8 tips for securely working from home.
Most small companies do not have an IT dept or even If an IT person, even if your employer has an IT person, they will unlikely be able to visit you at at home right now, but there are some things you can do, too. Here are 10 tips for securely working from home.
1. Use the devices your company gave you.
If your employer has provided you with a laptop or computer, then this should have appropriate security precautions you need in place , if you can just stick to using this device then you will be a lot more secure.
Although don;t take this for granted, check with your employer to be sure and make sure that the device is indeed locked down and secure as per the tips below.
2. Use 2 factor authentication (2FA)
2 factor authentication is where you require a second device in order to authenticate your login in addition to your username and password. This means that if your login details become compromised, they cannot be used without your 2FA device.
All your devices and accounts, work or personal, should be using 2FA where possible, so if you have not enabled this, then do so now, even your social media accounts support this.
2FA can be done via an app on your phone (Microsoft Authenticator or Google Authenticator) or better still, get a YubiKey for that second factor where you can or an app like Authy or at the very least use SMS if that’s all that is available. But turn on that second factor.
Always use unique passwords for every site/app. Poor passwords and re-using the same passwords on multiple websites/app is one of the biggest causes of people having their accounts hacked and identity stolen.
More than 30,000 website are hacked on a daily basis, and most website owners do not find out for months, sometimes even years. If just one website you use gets hacked, the hackers then have your login and other personal details. Which they can then use on any other site where you used the same login.
Use a password manager so all your passwords can be long and complex and unique for every single app and site you use, without you having to remember them.
See my article on why you should use a password manager and password managers are not just for passwords.
If your workplace doesn’t provide VPN, tell them they really should, then pay for a well-reviewed VPN that has a no login policy.
Many of the top antivirus solutions, such as Bitdefender, now include a VPN solution built in as standard, although you willl still need to pay extra for using it. They are not the best, and often lack in features, but its certainly better than no VPN.
5. Lock down your browser
Before you start working on sensitive work matters, strip down your extensions to only the ones you absolutely need and are certain you can trust. And look into well-reviewed trustworthy extensions that protect security.
Create a separate profile in your browser for work stuff. If you don;t know how to do this, read my article How to create multiple profiles on Google Chrome.
6. Keep your devices safe
This should be a no brainer, but make sure you lock your doors, don’t leave devices in your car, and turn on your “find my device” features on all your devices. This comes as stand on Windows and with all Android and Apple devices. Make sure you know how to use it BEFORE you lose a device.
Android and Apple mobile devices also have the ability to remotely wipe them, so I also recommend enabling this and making sure you know how to use it just in case.
Enable theft protection where possible, this is a feature that comes with many top security products like Bitdefender, which have the option to take photos of the user who tries to login to your phone with incorrect details.
7. Use good anti-malware / security software
Windows comes with a security solution called Windows Defender as standard, while this is certainly better than nothing, and will block the majority of malware, there are also a lot of threats it doesn’t protect you from.
A good all round cybersecurity solution is recommended, such as Bitdefender, ESET or Bullguard which protects you from malware, ransomware, phishing, network intrusion, scans your network for vulnerable devices, out of date software on your PC.
8. Make Backups
Just in case disaster strikes, make sure you have backups of all your important data.
If you use Windows, then you have access to One drive by default, which is free cloud storage and backup, so make use of this make sure you have this configured and setup and are storing your documents on your one drive.
Enable the windows backup to automatically backup all your file to another drive.
You can also use a tool like Acronis True Image for full system backups which will completely restore your system in case of failure or disaster.
Security is always a game of getting as close to a zero chance of a breach as possible, and these practices should help.