As we all start the Working From Home trend, all employees are responsible for the company cybersecurity. This is not just the IT and security team’s responsibility to keep data safe — every employee of the organization needs to be involved. Weak or stolen passwords can cause data breaches, which are our identities — and particularly our login credentials — are highly valuable corporate assets that hackers actively target. Lax security behavior isn’t just dangerous to the company you work for — it can pose significant personal risks as well. When one of you makes the company’s data vulnerable, you might also be exposing their own sensitive information. Human error cause can cause a data breaches, so it’s critical that you make sure, as the employee, is aware of the risks that you pose therefore take proactive steps to improve security at home.
1. Working from company devices and taking advantage of public wi-fi networks gives you a significant amount of flexibility, allowing you to send emails from the checkout aisle at the grocery store or work on a report at a café in between meetings. However, whilst convenient, doing work on public wi-fi networks on company devices can be risky. Never use unsecured Wi-Fi network to do company work as malicious parties tend to spy on internet traffic and collect confidential information.
2. Replace passwords with passphrases. A passphrase is a like password that uses a series of words, can be separated by spaces or none at all. An example of passphrase is “remember crepe uplifting herald”. All words with spaces. you may generate passphrases on this site . If you cannot remember your passphrases for your accounts, use a password manager like 1Password or KeePass to store your passwords. Both also offer 2FA to use when one wants to access the password manager. For 2FA codes, you can use Authy.
3. Follow you organization security policy. When in doubt seek help from the organization security team for assistance not your friend or “friendly” neighbor. Follow your organization’s security policy for working remotely if there is one.
4. Due to the current pandemic, there can be an increase in malicious campaigns targeting remote workers. Be careful of such work-from-home scams. Phishing emails as well as voicemails (vishing) and text messages (smishing) are used by cybercriminals to “phish” for information. This information is usually used in further schemes such as spear phishing campaigns (targeted phishing attacks), credit card fraud, and account takeover fraud.
5. Always the organizations VPN not third party tools to access the corporate network.
6. Your home router should be secure with a strong router password. Never leave the default settings on your router. The Mirai (malware) is well known for searching for consumer internet-connected devices such as home routers, IP cameras, etc which unfortunately are installed with the default settings. The Mirai malware uses predetermined username and password pairs that are from the device vendor. default logins such as root or admin should be changed on all internet connect devices once installed to reduce the risk of them becoming part of a botnet, which can be used in DDOS attacks.
7. Use encrypted communications when communicating with fellow workmates especially if it involves sensitive information. If your organization uses an internal messaging tool such Teams, Chime, Slack, use them to communicate and send and receive confidential information other mainstream messaging tools may inadvertently collect data about your usage, IP addresses, number of users and other data.
8. the usage of on-the screen keyboard should be totally avoided while sharing the device. This will allow other people to see the password being typed.
9. The most important safety feature is LOCKING YOUR DEVICE! As your start to work in public areas (home/garden/café), or if you live with people who you can’t share work information with, then it’s important to keep your device secure. If you need to physically lock your device, for example, at a library or at a café, use a Kensington lock to secure your device.
Be smart and safe when working from outside the office!