In response to the COVID-19 global pandemic many businesses and companies have asked employees to work from home as part of social distancing efforts to contain the spread of the virus. Working from home comes with its own challenges, especially around security as there is heavily reliance on the internet and internet enabled apps and tools to work from home effectively.
Here are some tips on how you can work from home (WFH) more securely.
1. Pick a good workspace
There’s a lot of good advice out there about picking a space that’s ergonomically comfortable, and where you can minimize distraction, but there are some security considerations as well.
Pick a space that’s private. If you’re having conference calls or video meetings make sure you’re using video meeting software with advanced security. Only use encrypted Wi-Fi for business. Wi-Fi encrypted with WPA-2 is more secure than Wi-Fi that is just open for all to access. If you’re working from home, make sure your home Wi-Fi network is secured – all home routers support encryption.
If you need to access resources, such as servers, that live at your company’s location, use a VPN (Virtual Private Network) to connect to your office network. A VPN creates an encrypted tunnel for your network traffic to flow through and makes it harder for others to intercept your traffic in transit. If you aren’t sure if your company offers a VPN, or how to connect to it, check with your IT support.
2. Keep your data secure
Use strong authentication to access your device, either a PIN or facial recognition, if your device supports that.
Use multi-factor authentication (MFA) to access any cloud-based resources. MFA utilizes multiple “factors” such as a password and a PIN sent to your mobile device; or a PIN and a facial or thumbprint scan, in order to authenticate you. Usually you only need to use the multiple factors the first time you sign in from a specific device. MFA makes it much more difficult for others to sign in as you.
Now is a good time to think about the passwords you use. If you’re using simple passwords like “lovely” or “password1” it’s a good time to upgrade them to more secure passwords. Length is more important than complexity, though both have a role. Your password should be at least 12 characters long, and not an English word or your dog’s name. Consider using a phrase like a favorite song lyric, movie quote, or poem to create a password that’s long and complex but easy to remember.
3. Keep in touch
Stay in touch with your company while you’re working remotely. Your IT department may have special requests or make new tools available to you. If you suspect that your device or your data has been compromised in any way, notify your IT people immediately so they can investigate the situation and take steps to prevent unnecessary damage.
Now, more than ever, resist the temptation to use unapproved tools or store data outside of company resources. If you need something you don’t have in order to get your job done, ask your IT department or escalate through your management chain. It’s entirely possible that you’ll discover systems that don’t work well when you’re not at the office. Now is the perfect time to let IT know so you can work through those issues together.
Be alert for phishing emails. Criminals try to take advantage of fear and uncertainty by sending email that appears to be from authorities, or company officers, in an attempt to lure you into clicking on malicious links, or providing your private information.
Never click an attachment you weren’t expecting, even if it appears to be from somebody you know. Always best to check back with that person to make sure the attachment is legitimate before you open it.
If you get an email asking you to sign into a site, open a new tab in your browser and type the URL in yourself (or access it via a trusted bookmark) rather than clicking a link in the email.