Editorial Note: Forbes Advisor may earn a commission on sales made from partner links on this page, but this does not affect the opinions or ratings of our editors.
As of September 2020, nearly 60% of full-time and part-time workers in the United States were doing their work remotely at least part of the time during the coronavirus pandemic. And many of them would like to continue to do so. This hub of working from home, however, makes IT professionals at some employers nervous.
A global study published in October 2020 by Ponemon Institute LLC and Keeper Security, Inc. found that 44% of these professionals were confident in their organization’s ability to fend off cyber attacks during the pandemic, up from 71% before the pandemic. What bothers them the most? A lack of physical security in teleworker workspaces (47%), the threat of teleworkers’ devices being infected with malware (32%), and the risk of cyber crooks accessing sensitive data on the devices teleworkers (24%).
IT professionals are right to be concerned. In August, Interpol, the international police agency, warned of an increase in cybercrime amid the work-from-home movement. “As organizations and businesses rapidly deploy remote systems and networks to help staff working from home, criminals are also taking advantage of heightened security vulnerabilities to steal data, generate profits and cause disruption,” Interpol reported .
So, if you are a remote worker, what can you do to strengthen your work-from-home cybersecurity? Check out these six tips that could help protect your data and devices, from cybersecurity software vendors MonsterCloud, Norton, and UpGuard, and the National Cyber Security Alliance.
1. Don’t delay updates
If you are alerted to a software update on any of your devices, be sure to install the latest version of the software as soon as possible. Software updates (including those for antivirus programs) fix security holes and help protect your data.
On your smartphone, it’s important to pay attention to the notifications you receive for operating software updates and for changes that affect your apps, especially if you’re using a single phone to manage both your work and your life. personal.
2. Do not turn off the VPN
You may be accessing your employer’s network through a VPN, or virtual private network. A VPN secures the information transmitted between employer and employee through what is called data encryption. It is designed to prevent cyber crooks and cyber spies from intercepting sensitive data, such as financial documents and customer information.
If you’re using a VPN on any of your devices, don’t turn it off while you’re working. Otherwise, you will lose a tool that could block an attempt to steal confidential information.
Also, be sure to avoid using public Wi-Fi networks when accessing work accounts, unless you are connected to your employer’s VPN.
3. Beware of phishing scams
Cybercriminals are taking advantage of the remote work wave to flood inboxes with fake emails.
Cyber security experts warn in particular against phishing scams linked to the pandemic. “These emails are designed to tap into people’s curiosity and thirst for knowledge on topics related to the pandemic,” says MonsterCloud.
Norton offers this example: You receive an email that appears to be from your company about a new company policy regarding the coronavirus. But the email is actually part of a phishing scam. The email includes an attachment or embedded link that the scammer wants you to click. This click could trigger malware on your device. As such, be careful when clicking on attachments or links in an email.
The Federal Trade Commission claims that crooks send phishing emails that appear to come from a trusted organization, such as an employer, in order to steal account numbers, passwords, and other sensitive information.
“Most of the things they could have access to could absolutely make your life miserable,” says Kelvin Coleman, executive director of the National Cyber Security Alliance.
4. Boost passwords
Your devices must require you to enter a password before anyone can use them. Your Wi-Fi network and router, which connect your wireless and wired devices to the Internet, must also be password protected. UpGuard notes that you should make sure to change your router’s password from the default setting to a single setting.
The National Cyber Security Alliance recommends creating a long, strong password for each online account you sign into on an employer-provided device. Norton says a password should be at least 10 characters long, excluding actual words or personal information (like a date of birth).
“By combining upper and lower case letters with numbers and special characters, such as ‘&’ or ‘$’, you can increase the complexity of your password and help reduce the chances that someone could potentially hack your account, ”says Norton.
UpGuard cautions against using passwords that repeat numbers (000000), contain sequences (123456), or are used frequently. Common passwords include “password”, “test1”, “qwerty” and “iloveyou”.
5. Keep your devices separate
Let’s say you watch Netflix shows on your tablet, pay bills on your personal laptop, and work on your employer-provided laptop. If so, keep it that way. When performing tasks on your personal laptop, for example, you can put sensitive business data at risk if your personal laptop is not secure.
In addition, family and friends should not be allowed to use the devices provided by your employer.
Coleman notes that the various personal and business devices we use at home are tempting targets for cybercriminals. To make matters worse, these devices may be in increased demand these days, with children learning remotely and adults working remotely, he says.
“It’s no different from other disasters we’ve seen since relying on technology. Bad actors profit from a crisis. A global pandemic is a crisis, ”Coleman said. “They’re going to take advantage of it because they know a lot more people are online. There is an environment rich in targets that bad actors see these days. “
6. Consider multi-factor authentication
Multi-factor authentication adds a layer of security to an online account (like your bank account), electronic device or computer network. But, according to the Ponemon Institute and Keeper Security report, 31% of IT professionals surveyed said their organization does not require remote workers to use authentication methods at all. Among the 69% of organizations that required these methods, only 35% of IT professionals said multi-factor authentication was required.
Multi-factor authentication depends on at least two methods of verifying a person’s identity before they can sign in to an account, sign in to a device, or connect to a network. These methods include passwords, security tokens, and biometric identification (such as a fingerprint).
“As hackers seek to target less tech-savvy users who are new to working from home, multi-factor authentication stops hackers in their tracks,” says information security website Help Net Security. “In an age when most employees work on insecure home and public networks, multi-factor authentication as an added protection will not only lighten up the IT team, but will also help make employees who are not security trained less. sensitive. cybercriminals.
With the freedom that comes with working from home comes a responsibility to maintain the standards of safety that you would normally be provided when working in an office. By developing good habits, such as setting strong passwords, using multi-factor authentication, and performing regular software updates, you can help provide the secure environment your work deserves.