Is there much of an increased risk by working from home?
The Guardian recently reported that cyber attacks targetting home workers increased from 12% in March to 60% in May. Not surprising really, many organisations had to move quickly to get their staff working from home and in the rush to get us out of the office and into our homes some of the corporate cybersecurity controls have yet to be put back into place. That has created opportunities for cybercriminals, our home networks are a weaker link than our offices and are therefore a great place for hackers to try and access our corporate networks. Let’s take a look at some of the areas of risk and what you could do about reducing the vulnerability.
Your own device or your companies?
Who’s computer are you using? Was it supplied and set-up by your company or is it one you use for home and leisure? Your computer can be your first line of vulnerability and security. Does it have a good anti-virus service installed, one which is designed to manage business applications? Do only you use it or is it shared? When you are working on company stuff can you lock it so that your partner/child/sibling/cat cannot get onto the computer and access, perhaps alter or corrupt the documents you are working on? When did you last change the password to login to the computer, and how safe is that password?
How secure is my internet connection?
What about your internet service. Is it secure? Hackers can breach the security of your home internet, from there they can redirect, unseen by you, your traffic to a website run by them and when you use your personal details (financial, social media etc) they get all that confidential information, to then sell to other criminals. Did you ever think about changing the password which the router came with to something which only you know, so it’s that bit more secure? If you have the chance what about upgrading to a better router?
Loads more emails.
How about your email, because we are doing more online more of our communications are via email. That email from your colleague might look genuine, after all, it is in their name. But wait, is that really their email address? What about that attachment, could it be false? Does your email system spot any suspicious emails, can it quarantine them or alert you to a possible threat? Many of the email systems now have add-on’s to provide you with additional security services which can help to manage the threats.
We are all sending more emails, partly because we do not get to chat with our colleagues. Is anything you are sending of a sensitive or confidential nature? If someone gained access to that email would it give away and company secrets, or disclose information you would rather be kept confidential? Have you considered using an email encryption service so that only you and the intended recipient can read what’s in the email? Here’s an article which helps to explain encryption
Prove it’s you, use Multi-Factor Authentication.
When you are logging on to business applications how do we know it’s you? Could someone be using your identity to access sites you use? Have you thought about using Multi-Factor Authentication? That’s just a techie phrase for having a second device to confirm it’s you, for example using a code generated on your phone which then has to be typed into the site you are trying to access.
Keep your software updated
Is all of your software up to date? Microsoft recently stopped issuing software updates for computers which have the Windows 7 Operating system. Yes, the computer will still carry on working, but as Microsoft has stopped issuing software updates hackers can target those machines with new threats and Microsoft will not be applying their significant resources to defending your computer. Make sure your computer has the latest updates for all of the software you use.
I need that software, but can I trust it?
Now we are at home we often find great new software solutions online that will really make life easier, and it’s a free download. Why is it free? Could there be threats hiding in the download? Does your company have the means to review software downloads, is there someone who can help sort the risky from the not so risky?
That’s a great image.
Maybe you are doing a bit of browsing and you come across an image you like, perhaps it really helps explain a point you want to make and so you download it. It’s only an image after all. Threats, malware, can be hidden, not just in applications or programs, but also in image and video files. Of course, you should only download from reputable sites but as a line of defence make sure your anti-virus service also has an anti-malware function too.
Surely I can trust my friends.
Do you mix work and pleasure? How often do you get that alert on your screen that someone has updated their Social Media feed? You go on, take a look, maybe click the link that your friend has just shared. It’s come from your friend and you trust them so no risk there eh!. Be careful about any links, it could be a route for a criminal to get into your system, and through into your companies systems. There are solutions out there to help handle website links, maybe your company should think about looking at what’s available?
What other precautions should I consider?
What about physical security? What if your laptop was stolen, or you took it out and left it somewhere? Of course, that’s unlikely, but if it did happen can you protect what’s on it? You can encrypt your device so that only you can access what’s on there. Perhaps something to think about.
What about printing stuff off, we all have to do it sometimes. Do you have a printer for work or are you sharing the home printer? If it’s shared, could someone else pick up your confidential document? Do you really want to risk others seeing confidential information? Why not get yourself a printer for work?
Help, they got me!
If the worst does happen and your computer gets infected DON’T PANIC. Your reaction to a virus is crucial; do not panic and make hasty decisions trying to disinfect your computer.
If you believe your computer contains or is infected by a virus, you should turn off the computer and immediately contact your IT person. Ideally, your company will have an information security policy which should include procedures that you can fall back on in case of a suspected infection. This will give you a framework to follow that will minimize the potential for panic and, consequently, minimize the damage that a virus can inflict on your information.
I suppose you do not need to worry because everything is backed up anyway. Is it? Do you have backups in place? Backed up to where, at home to a hard drive or to the cloud, or both? What’s being backed up? Might you have included a cyber threat in your backup? Some modern backup solutions now help to identify and manage cyber threats. When was the last time you reviewed your backup solution?
Can we improve IT for working from home?
I listened and I have that covered, now make my IT for Working From Home better.
That’s enough about the risks, what about helping to make the IT I use for working at home aid to better business.
Where are you working from? Is it a nice comfortable desk with a good supportive chair, or are you balanced on the sofa staring at a small laptop screen? Why not get yourself a decent desk and chair, with perhaps a couple of monitors so you can switch easily between documents and sites.
When you do that Zoom/Teams meeting can you hear what’s being said or is the background noise at home a bit too intrusive? There are good headphones out there, with microphones installed, and even noise-cancelling technology, so you can participate in meetings without having to ask everyone at home to keep quiet. If being professional from home is very important why not invest in a webcam, speakers, microphone and other technology which will help you to be at your best.
Help me learn about Zoom. Teams, Microsoft 365 etc.
Being at home one thing we miss is our mates at work. Yes of course for a chat about this and that but our mates are also great to turn to when we want a bit of advice, the “how do I do this?” type of question. Because they are not next to us at home we are all having to become self-taught experts in Microsoft 365, Zoom, Teams, Adobe etc etc etc. Yes, we can Google for answers to those “how do I do this?” question. Your IT provider can provide you with those 3 minute “How to” video’s or those longer videos for a deeper knowledge of a subject.
Sometimes things do go wrong, stop working or appear different from what we are used to. Or maybe we need a new device, and add-on or want to ask a question. Are you able to call upon IT support to get those problems solved, those enquiries progressed?
Thanks, that has helped.
We are all learning how to do this working from home thing. Over the past few weeks, it has got easier. Now that it has become the way we do things, let’s see if we can make it the way we do things safely, securely and enjoyably. Consider what I have mentioned here. To borrow the current phrase “Stay Alert” and help yourself to “Stay Safe”.
If you want help with any of the matters raised in this article please contact us at Greenlight Computers to have a chat with us.