iToons from Times of India

AJ’s Cyber Security Tips|How to securely work from home

The New Zealand government encourage companies to consider working from home options of their employees to prevent exposure to the COVID-19 virus. Therefore, it is important to get to know how to work safely and securely from home.

Most common risks for employees working from home are the following:

  • Exposing the corporate netowrk to home computer vulnerabilities
  • Unable to control or ensure the security of the home network
  • More susceptible to phishing and cyber attacks
  • Inability to ensure the physical security of the workspace

Let’s closely look at those risks and what can we do to mitigate them.

Laptop or Desktop security

At your office, you may have given a laptop or a desktop to do your daily jobs. If you have a company-provided laptop it much easier to work from home. Otherwise, your employer may have already advised you to take your desktop with you. Either way allows you to resume your work from where you were at the office since they are already loaded with all necessary applications and tools.

In case if you have to use your home laptop or the desktop to work from home, here are few things that you must do to ensure the security of your personal information and the company information.

  1. Apply Operating Systems and application security patches

Time to time Operating System (OS) vendors like Microsoft releases security patches for their OSs. These patches may vary from low to critical depending on the severity (the harm that cybercriminals can do) and exploitability (how easy to exploit the issue). Therefore, it is very important to apply these security patches as soon as they come.

  1. Use strong passwords

Password is the first level of protection to your computer and information systems. Therefore, set a strong and unique password on your devices and systems that you store your important information.

It is a good practice to have different sets of passwords for work and personal accounts.

Check this guide on how to set a strong password

  1. Enable two-factor authentication (2FA)

Two-factor authentication will give you added protection to your password. Therefore, enable 2FA if your corporate applications support it. Talk to your IT team to know what applications support 2FA and how to enable it for your account.

  1. Never disable the antivirus application

Make sure your antivirus application is running all the time when you access any system over the Internet.

Network security

When you were at your office premises you were protected by the corporate network firewall which blocks most of the common attacks to your device. Now you must rely on your home Wi-Fi router to provide a similar level of protection. Unfortunately, home wireless routers by default do not have security features enabled to simplify the initial set up process.

Therefore, the first thing is to make sure you have undertaken below steps to ensure there are no weaknesses in your home network. If you have multiple devices such as a separate modem, a router and a Wi-Fi access point in your home network, do below on all of them.

  1. Change default admin password

Routers do have a web Graphical User Interface (GUI) to configure Local Area Network (LAN), Wide Area Network (WAN) and other settings. You may have never used this or may have used once when you initially set up the network, but there is malware that is designed to identify devices running with the factory default passwords.

Generally, the admin password and the login procedure can be found under the Wi-Fi router or in the router manual. Also, you can use online websites like this to check the default password.

You may see there are number of routers that do not have a default password or have a very weak one like “password’ or “1234”, so I cannot stress enough the importance of changing the default password.

  1. Remove unknown devices connected to the home network

While you are in the router configuration, check what else is connected to your Wi-Fi network. If you are not sure about a device that is connected, kick it off from the network. The worst thing that could happen is you have to enter the Wi-Fi password to reconnect it to the network.

  1. Set a strong Wi-Fi password

Setting a strong password for your Wi-Fi network will avoid unauthorised access to your home network. Also, make sure inserting the password is mandatory if anyone wants to connect to the network. A passphrase is a good way to remember the password as long as it is unique and does not contain any personal information.

Also, it is a good idea to have a separate Wi-Fi network for guests if your router supports creating multiple local networks.

  1. Use WPA2 for wireless security

WPA2 stands for Wi-Fi Protected Access 2, the industry recommended encryption protocol for setting up the security of your Wi-Fi network. Generally, this can be found under the security or the advance configuration section of the router configuration.

  1. Keep your router up-to-date.

Check whether there are pending updates to be installed for your router if so install them before you connect to the corporate network. Again, this can be found once you logged into the router administration web page.

  1. Enable the firewall and disable unwanted services

Not all but most modern routers have a feature to mitigate the risk of some cyber attacks by configuring the in-built firewall capability. This will prevent exposing unwanted services or ports like SMB, RDP and NetBIOS to the Internet which are widely targeted vulnerabilities by cybercriminals.

  1. Use Corporate VPN when accessing important systems

Virtual Private Network (VPN) software provides an added layer of security by using encryption between your laptop and the corporate IT network.

Using a VPN is highly recommended whenever you access corporate systems as it will protect the information from any insecurities in your home network. Talk to your IT team to help you set up VPN software on your device.

Check below guides if you want to know more about securing the home router

https://www.cert.govt.nz/individuals/guides/stepping-up-your-cyber-security/secure-your-home-network/

https://heimdalsecurity.com/blog/home-wireless-network-security/

Physical security

Physical security of the place that you work is equally important as network security. Here are a few checks you can do to improve physical security aspects.

  1. Find a secure place to work

The garden bench could be the most comfortable place to work while at home but make sure you do not expose to any threat actors like opportunistic thieves. Also, once you are done for the day, keep all your office stuff in one place specially printouts and files that you have with you.

  1. Lock your laptop if you step away

It is a good practice to lock the computer stepping away from it, even for a minute. This will prevent children from mucking around with your computer or exposing confidential information to your flatmates if you are sharing the house with others.

  1. Don’t’ write down passwords

Do not write any corporate passwords. Use corporate password management system to store all passwords if you have one.

Phishing and other cyber threats

While the world is dealing with the pandemic crisis, cybercriminals are leveraging peoples fear of the virus to launch cyber-attacks. In the last few weeks, security researchers found several phishing email campaigns and malware-laced mobile apps.

Here are a few tips to protect you from phishing scams.

  1. Do not trust the display name of the sender or the “from” address

There are many ways to manipulate the displayed name and the from address to fool the recipient. Therefore, never trust the email just from those attributes.

  1. Never give your passwords

One of the main objectives of cybercriminals of phishing emails is to capture your passwords. Therefore, never give your corporate login password to anyone.

  1. Try to avoid opening unsolicited emails, even you open it do not download any attachments or click any links

Try not to open those unsolicited emails. If you found it in your spam folder, probably it has spam-like attributes for the email to be flagged as spam. If it is a genuine email, talk to your IT team and whitelist that sender. Even you open the email do not download any attachments or click any links as they are the most popular way to hide malware.

Cheers,

AJ


AJ is a cyber security specialist with more than 10 years of experience working in variety of firms in multiple countries. AJ will give cyber security tips here from time to time!

Cartoon Credit: Times of India, 18 Jan 2018

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.