The current workplace reality is that, in response to the ongoing coronavirus (COVID-19) outbreak, many companies around the globe have rolled out work-from-home arrangements. As a result, there has been an influx of employees signing in remotely to corporate networks and using cloud-based applications. But this shift could also open doors to security risks and cyber threats.
Security teams and home office users, however, can minimize the risks that come with remote-working setups.
Below are some practical security measures that can be applied to this end:
Use a company laptop for remote work if possible.
Do not use your personal machine as it may have fewer security controls than your company-owned hardware. Work-issued laptops or machines should be for employee use only; other members of your household should not have access to your dedicated work equipment.
If the use of personal equipment cannot be avoided and you have to use your own machine, keep it as close as possible to office security standards.
Use security software provided by your company, follow company data protection measures, and do not mix personal browsing and activities while working.
Use company-designated VPNs and avoid free, public Wi-Fi.
Use the dedicated enterprise VPN servers only on your work laptop or desktop to make the connection between your network and the office’s security. But be wary of phishing attacks that steal VPN-related account credentials. If VPN connectivity is not on the table, ensure that data communication is done via encrypted email or Pretty Good Privacy (PGP) encryption.
Remember to back up data.
Follow the 3-2-1 rule in backing up data: Create at least three copies of the data in two different storage formats, with at least one copy located off-site (e.g., provide external SSD or HD drives).
Set up your 2FA.
Many major websites and services are implementing two-factor authentication (2FA). Make sure to have logins set up to not rely on passwords alone (e.g., use authentication mobile apps or biometrics). Passwords have time and again been hacked, leaked, or stolen.
Use a guest network to isolate the company laptop or desktop. If you have a router or switch with a virtual local area network (VLAN) functionality, activate it and dedicate a VLAN for office work only.
Prepare a backup solution at home.
Having backup options (e.g., hardware such as USB hard drives) puts you in a better position when something goes wrong, such as connectivity loss or server failure. For macOS users, Time Machine can be activated to create backups.
Secure the gateway: your router.
The router is the gateway to all internet-connected devices in your home network. Attackers are known to compromise home routers with default credentials that users often neglect to change. It is good practice to regularly change the password for your router as it may have been previously shared with other users. Passwords that are not prone to dictionary attacks are recommended, i.e., those that have more than 12 characters, with a mix of letters, numbers, and special characters.
Likewise, it is important to always update the firmware of your router to the latest version. Routers issued by internet service providers (ISPs) usually have automatic updates, but due diligence can be done through a router’s web console, which is accessible using its IP address.
Since kids are also staying at home, likely having their online classes, and other members of the family may also be working remotely, home network security basics such as creating backups and employing a proxy service should be adopted. Create a safer digital environment by employing home network security that not only can block and filter sites but can also protect your network and devices against hackers and web threats.
Protect data against ransomware and theft by enabling Folder Shield.
You can also consider employing router security that allows device management (e.g., disconnecting unwanted devices in the network), controls social media use, blocks inappropriate sites, and sets time limits for device usage.
As with laptops and desktops, make sure phones are updated with their latest firmware versions. Download only legitimate apps from official stores and review the app permissions before installing them. Install a mobile security app to prevent malicious apps or codes from running on phones.
As more users stay and work at home, bandwidth becomes a critical resource. Ensure seamless productivity by reducing consumption in streaming videos and other activities that throttle the bandwidth, especially during work hours.
Discuss the importance of online safety.
Help your family understand the public nature of the internet and its potential dangers. Remind them that they are responsible for ensuring that their online activities are safe and private by securing the way they set up and use their devices.
Setting up a secure remote-working environment is not an overnight job. It requires considerable effort from all people involved, especially in the case of those who are new to telecommuting. The measures laid out here should help companies and employees ease the burden and effectively protect work-from-home setups from cyber threats.
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, our cybersecurity platform protects 500,000+ organizations and 250+ million individuals across clouds, networks, devices, and endpoints. Trend Micro Initiative for Education
Copyright © 2023 SCORE Association, SCORE.org
Funded, in part, through a Cooperative Agreement with the U.S. Small Business Administration. All opinions, and/or recommendations expressed herein are those of the author(s) and do not necessarily reflect the views of the SBA.