Staying Secure While Working from Home

Seven Steps to Staying Secure While Working from Home

Clinton A. Pownall
Mar 3, 2021

The COVID-19 virus enormously accelerated the trend toward working from home. Vaccines are on the way, but even after the coast is clear for returning to work, a significant number of organizations are likely to continue to embrace working from home for a variety of good reasons. There’s a lot of money to be saved in reducing or eliminating office rents, companies may offer the option in a competitive move to attract and retain top talent, and it enables the creation of geographically dispersed teams.

A word of caution is required, though. Working from home can expose workers, and the corporate networks with which they connect, to a wild cyber environment filled with bad actors and the automated tools that simplify their work of detecting and exploiting security weak spots wherever they might be. To help protect against that, here are seven steps to staying secure while working from home:

1. Strong Passwords for Computer and Router.

Yes, you hear it all the time: Use strong passwords. But the simple fact is that this often isn’t done, which opens the door to hackers and other bad actors (including automated hacking tools). I provide a guide to creating secure passwords in my recent blog “Seven Steps to Protect Against Ransomware.” You need to do the same for your router: change whatever default password came with it to a strong one. You should also ensure the router is securely configured. WIRED magazine provides a good guide to adjusting settings to better lock down your router.

2. Never Leave Your Computer in Your Car or Unattended.

There’s a long list of headline-making security breaches that began with a stolen laptop or other device. Don’t leave devices in the car, or on a coffee shop table as you go for a refill or to use the restroom. These same precautions continue at home. Ideally you should keep your computer in a locked room, within a locked house, whenever you are away. Similarly, you should configure your screen to lock after a short idle countdown, so screen information isn’t visible while you are away from your computer, even within a secure environment. When in a public setting, be aware of sight lines. Can someone near you see your screen?

3. Use a Dedicated Work Computer, Never Your Personal Computer.

For some, this might not be an option, but if your employer provides you with a work-from-home computer, use it for work and only for work. If it doesn’t, consider purchasing a second computer so you can keep the two separate. The games you play, the sites you visit, and the e-mail you receive on your personal computer create too many potential attack vectors compared to a computer that is only used to securely connect to your work networks. Related to this: Don’t let anyone else use your work computer, whether your spouse, your kids, or friends. For a look at how dangerous it can be to visit even seemingly safe websites, take a look at my recent Weekly Security Roundup in which I talked about malvertising. Scary stuff.

4. Stick to Company-Supplied IT Resources.

The assumption here is that your company has an IT team that provides a collection of carefully selected and vetted virus protection, virtual private network (VPN), encryption capability, applications and utilities for you to use. Don’t rely on what you have on your personal computer. If your company doesn’t provide these resources, you might suggest they assemble such a collection, and if that doesn’t work, then assemble your own. You won’t want to be the one who let the bad guys in if the network is breached and an after-the-fact audit traces it back to your device.

5. Stay Current on All Software Updates.

Find out whether your company has an IT department that proactively pushes updates to your remote devices. Even if they do, there may be other updates — for monitors or other devices — that require your action. Staying updated is critically important because there is a constant race between hackers and other bad actors discovering vulnerabilities to attack, and software vendors rushing out patches to remove the vulnerabilities. However, before responding to update notices, first verify with your organization that this is a legitimate request, and not something that they update for you. Then verify that the update notice is legitimate, preferably by going to the actual site on your own, instead of clicking on the supplied link. This is to avoid malicious software that can pop up windows on your computer directing you to phony download sites.

6. Avoid Using Public Wi-Fi.

Never trust a public Wi-Fi connection. Without the proper protection, you are at the mercy of whoever else is connected. Dangers range from credential stealing, to dropping malware onto your device, to inserting infections into whatever documents you are transmitting to others. If you must occasionally make use of public Wi-Fi, be sure to use a secure and vetted VPN that encrypts data. I say “secure and vetted” as not all VPNs are sufficiently secure. You can also use a personal hotspot device, or use similar capability from your mobile phone. Kaspersky provides a brief and helpful primer on how to safely use public Wi-Fi.

7. Beware of Public USB Charging Stations.

Unfortunately, public USB charging stations can be hacked to upload malware into your device while charging. Using your AC power adapter is safe, but the USB plug-ins offered at hotels, airports, malls, and other public places are not. This means a good item to have in your travel bag is a USB data blocker, which can block bad actors from installing malicious code onto your device. You can learn more about data blockers in an article in Guiding Tech.

Clinton Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990.