If you are reading this right now, you are probably one of the millions of Americans that have transitioned to working remotely in recent months. It is also safe to say that for many, this change has been unexpected, to put it mildly. Remote work may not seem very different at first- you are still doing work on a computer after all. In some ways you may be right, but in terms of cybersecurity, working remotely is a very different process which poses some unique challenges. In this article, we will explore some steps you can take to secure your home devices, give you a peek under the hood at how Dataprise is managing this new normal, and discuss how we can help you better secure your environments.
Why does working from home pose new cybersecurity challenges?
The most noticeable security difference between working in the office and working from home is standardization and control- both of your equipment and your network traffic. Standardization and control of machines is beneficial because it lets us know what behavior is normal and what is not. In the office, computers are most likely managed by your IT department, which knows what kind of devices you are using, what software these devices are running, what other devices your computer is allowed to communicate with, and so on. They can also often control who can connect or send things to your network and what you can download. Essentially, IT departments can easily standardize and control most computer behavior for employees working in the office, allowing them to maintain order and quickly identify potentially concerning behavior
Working from home throws a curveball into this order. For example, you may be working on a laptop that is also used by your teenager to watch videos, visit social media, and embark on other teenage pursuits, which potentially opens the door to spyware and other threats. Maybe you are using outdated or improperly configured home network equipment to access the internet, exposing yourself to a higher likelihood of being hacked. Maybe you share access to Wi-Fi with others who visit sites and click on things that they should not; this may make your computer vulnerable even if your own behavior is safe, because infections can spread across networks. The bottom line is that most home networks simply aren’t organized or controlled as well as professionally managed environments, exposing them to many common methods of cyber-attacks.
What can we do about it?
The good news is that there are several things you can do to make your home devices more secure, many of which require very little technical knowledge. A good starting point is to put the following controls into practice:
- Use strong, unique passwords on all accounts
- Use a virtual private network (VPN) to connect to the internet
- Avoid clicking on suspicious links, and instruct others on your network to do the same
- Update all software and firmware on your devices regularly
- Keep cloud and local backups of important files
Use Good Passwords and Multifactor Authentication
Cyber threats can gain access to your password in several ways. Potential access methods available to hackers include:
- Brute force attacks, which use trial and error to guess passwords by process of elimination
- Hacking a database which contains your password
- Purchasing contents of a hacked database on the Dark Web
- Using social engineering to get you to provide your password to what appears to be a legitimate authority
The first step to avoiding these types of attacks is choosing strong passwords, which are typically at least eight characters long and contain numbers, letters, and special characters. However, some security experts now recommend creating a longer, slightly less complex password that you can more easily remember. Either approach makes a hacking attempt significantly more difficult.
If a hacker does obtain your password, you can reduce the damage by using a different password for every account you have. Hackers who gain access to one password will frequently try to find other accounts you may be using and try the password there too- using unique passwords for every site thwarts this tactic. Multifactor authentication (MFA), the practice of using both a password and another authentication method to sign onto accounts, is also great at stopping unwanted access, and should be used whenever possible. Finally, be extremely wary of popups or strange emails that ask you to type in your password- if it does not look right, it probably is not.
Use a VPN
VPNs provide a great way to hide your internet traffic and IP location from onlookers by using encryption. Without going into too many specifics, using the internet without a VPN can inadvertently give away a lot of details about what devices you have and what you’re doing on the internet. In the hands of a hacker, this information can be used to formulate an attack. Though some VPN subscriptions are offered for free, many of these tend to have questionable privacy policies; instead, we recommend purchasing a subscription from the VPN provider of your choice. The cost is often no more than a few dollars per month and goes a long way towards protecting your network.
Be Wary of Unfamiliar Emails
Phishing attacks are a huge part of modern-day cyberattacks- some are highly personalized and may contain references to your family members, your hobbies, and more. The best way to mitigate this is awareness- Learn to be wary before clicking on any email links or pop-up ads.
Keep it Fresh
Microsoft, Apple, and other vendors frequently release patches and updates to address new vulnerabilities found in their systems. When you update your devices and software regularly, you’re giving cyber threats less time to exploit these vulnerabilities. If a weakness in a software is discovered and sits on a computer for two years without being patched, that’s two years that a hacker can use to exploit that vulnerability. Computers, mobile devices, and software aren’t the only things that need to be patched- your wireless router can also benefit from upgraded firmware. There are plenty of YouTube tutorials that can show you to do this if you’re not sure how.
Back it Up
Despite our best efforts, computers can sometimes break. Whether it’s caused by a spill, a bad cooling fan, or a ransomware attack, at some point your machine is going to stop working. Unfortunately, you will also not get to choose when your device breaks down. Therefore, it’s important to keep thorough and consistent backups of your files in more than one place- ideally one backup on a removable hard drive, one backup in the cloud, and a third backup at an offsite location. If three backups are not possible, choose a cloud storage program like OneDrive to keep your important information available in case you do need to make a switch to another computer.
How can Dataprise help?
The techniques described above are simple, but they can be exhausting to manage effectively- not many people have the bandwidth to organize an effective cybersecurity plan outside of their normal routine. Plus, these strategies are only the tip of the iceberg when it comes to cybersecurity. Thankfully, Dataprise can take the pressure off you as an individual or business and build cybersecurity best practices into your organization. As one of the world’s leading managed security service providers (MSSP) according to MSSP Alert, we offer the depth and breadth of capabilities to keep your organization comprehensively protected against hackers and other cyber threats, so that you don’t have to. We’re here and ready to help- speak to your account manager or our marketing team for more information.
Visit our Remote Workforce Resource Hub to download Remote Work 101, 102, & 103 for tips on securing your network, devices, and web browsers.