Security Concerns in Your Work from Home Environment
Coronavirus has forced many of us to work from home. It seems likely now that once the pandemic is over, many of us will continue to do our jobs more remotely than we have in the past. Moving out of the office environment presents additional security risks. Companies typically have additional layers of cybersecurity in the office that are set up to protect computers from risks, but when we work from home, networks and devices may no longer be as protected.
Data breaches expose sensitive information, leaving companies at risk for significant financial loss, operational disruption, reputational damage, and legal ramifications. IBM reports the average cost of a data breach is $3.9 million USD . While proportionally smaller in impact, small business attacks can easily run into the hundreds of thousands in losses.
Here are five ways to keep you and your company protected when working remotely.
1. Utilize Data Encryption
Data encryption scrambles your information, whether it is sitting on your computer’s hard drive or being transmitted online. For many forms of attack and theft, this prevents it from being read by outside sources. You should ensure your laptop’s hard drive is encrypted to protect the information sitting on it, and only use secure connections that are encrypted when online. You can see this in your web browser as an “https” connection. Without it, cybercriminals could see what you send or enter online. It is also best to avoid using public Wi-Fi connections, as they often lack proper network security. We recommend and embed in our laptop products cellular wireless connections with an advanced VPN connection to ensure maximum mobile security.
If connecting from your home Wi-Fi, after going through this checklist to ensure it is secure, a virtual private network (VPN) connection will add an extra layer of encryption for your communications and data transfer, helping to prevent cybercriminals from getting access to confidential information. This can be a VPN your company or local IT provider provides, or you may consider a public VPN service. Here is a detailed webinar where we discuss the public VPN services if you decide to use one.
2. Consider Physical Safety
In today’s world, we usually associate computer security with online threats, but physical safety is still a factor. In fact, a laptop is stolen every 53 seconds. Ensuring your laptop is kept in a secure area of your home is important. Home security is often not as substantial as office security. You may want to consider only keeping your computer and work material in a place in your home you can separately lock. Professionals who do work for tax authorities, as an example, already do this. It is often required by company policy for work from home staff who work on confidential information. As well, a secure screen saver to prevent guests or anyone in the home from getting an eyeful of client data should be employed.
Be especially careful when you are on the move that you do not leave a device in your vehicle when stopping in at the store or for a bite to eat. Even locked in a trunk it is a waiting target for thieves.
Of course, the best solution is to have a fully secured device that is heavily encrypted and secured, with active intrusion prevention monitoring if it ever lost or stolen.
3. Avoid Opening Suspicious Emails and Attachments
Digital communications increase when working remotely. Expect your colleagues to be sending you even more email to keep you in the loop when at home. This can create an ideal environment for phishing emails - one of the biggest risks to cybersecurity.
Emails with links or attachments should always be treated as particularly suspicious. Never click on or download anything unless you know exactly who it came from. These missives may even look authentic, but always check the email address to ensure they are coming from a known sender from their legitimate email address.
Be particularly careful when you get a request for documents or sensitive information. If you suspect something is not right, reach out directly to the person that the email is from. It is always better to be safe than sorry.
As well, consider a solution like Microsoft 365 SharePoint and Teams that can very effectively be used to minimize the use of email to send attachments.
4. Use Only Dedicated Company Equipment and Resources
When you’re working from home it can be easy for the lines between your professional and private life to get blurred. Resist the temptation to use unsecured home computers, something your kids may be using to browse the Internet or to play games online. Make sure you have a good, secured computer to work on. Stay in company email for work tasks and avoid using your personal email account for work issues. Especially avoid personal email to “creatively” copy or move files around to bypass controls IT or your IT provider set up. Using unsecured devices, even momentarily or in a work “emergency” is a common cause of breach and theft of company confidential data because those device are usually less secure, and may already contain malicious software.
Never use thumb drives that have been lying around the house unless you know where they came from and have been scanned for viruses. These little devices are susceptible to malware and other viruses that can infect your system and cause the loss of data the moment you connect them.
As well, use this checklist to ensure your home or cottage Wi-Fi is secured.
5. Secure Your Laptop
The most crucial way to reduce the risk of infiltration is to install and keep the device you work on at home secure. Top-grade antivirus software, an up to date and fully patched operating system and Office suite are critical. Cybercriminals are experts at finding vulnerabilities in operating systems and out-of-date anti-virus software. Make sure you are current with the latest software and security updates for all your devices. And, as stated above, data encryption is a powerful deterrent and another critical component of your work from home device defense strategy.
Working remotely does not have to threaten your data security. NPC DataGuard offers a complete solution that takes the risk and hassle out of computing no matter where you work from. We provide full system-wide security that includes advanced enterprise class anti-virus, military grade encryption, and secure backup that runs automatically. Your NPC computer is frequently scanned for any threats and is monitored by a support team that is available 24/7/365.
If your laptop is lost or stolen, NPC DataGuard will replace it and restore your data from your personal backups. All this -plus our multi-million-dollar privacy and data breach remediation insurance-means you are worry-free for a single monthly fee.