A reminder about working from home securely

Over the last few years working remotely has become more and more common in today’s business culture. This usually meant that an employee scheduled themselves to be working remotely one to two days a week. However, the coronavirus outbreak and accompanying lockdown in US has forced a large number of employees into unfamiliar territory—not just working remotely, but full-time working from home.

If you think cybercriminals (and regular criminals) will be sensitive to global events and refrain from attacking remote workers, sadly, it’s the complete opposite. The FBI has seen a surge in reported cybercrime since the pandemic.  

Given these circumstances, we thought it would be good to remind everyone about maintaining good cybersecurity practices at home.

Physical Security

The first so-obvious-it’s-not-obvious tip is to make sure your work devices are physically safe, and that you avoid offering unauthorized views of confidential information. Here are a few ways to shore up physical security while working from home:

• If you need to leave your home for supplies or other reasons, make sure your work devices are either shut down or locked—including cellphones you might use to check email or make work phone calls.
• If you live with a roommate or young children, be sure to lock your computer even when you step away for just a bit. Don’t tempt your roommates or family members by leaving your work open.
• If you can’t carve out a separate work space in your home, be sure to collect your devices at the end of your workday and store them someplace out of sight. This will not only keep them from being accidentally damaged, but will also help separating your work life from your home life.

Separate work and personal devices

Easier said than done, we know. Still, just as it’s important to carve out boundaries between work life and home life while working from home, the same is true of devices. Do you have a child being homeschooled now and turning in digital assignments? Are you ordering groceries and food online to avoid stores? Best not to cross those hairs with work.

While it may seem cumbersome to constantly switch back and forth between multiple devices, do your best to at least keep your main work computer and your main home computer separate (if you have more than one such device). If you can do the same for your mobile devices—even better. The more programs and software you install, the more potential vulnerabilities you introduce.

• Don’t pay your home bills on the same computer you compile work spreadsheets. You can not only create confusion for yourself, but also end up compromising your personal information if a cybercriminal was able to breach your company.
• Don’t send work-related emails from your private email address and vice versa. Not only does it look unprofessional, but you are weaving a web that might be hard to untangle once the normal office routine resumes.
• Speaking of homeschooling, it’s especially important to keep your child’s digital curriculum separate from your work device. Both are huge targets for cyber criminals. Imagine cyber criminal’s delight when they find they can not only plunder an organization’s network through an unsecured remote worker, but they can also collect highly valuable access to your child’s school network, which garners a big pay day on the dark web.

Cybersecurity best practices

Other working remotely best practices may not be all that different from those you should be practicing in the office, but they are easy to forget when you are working in your own home environment. A few of the most important:

• Be wary of phishing emails. There will be many going around trying to capitalize on:
  • Fear related to the coronavirus
  • Offer advice or health information
  • Offer information on stimulus checks
  • Offer information on stimulus loans or grants

Scan those emails with a sharp eye and do not open attachments unless they’re from a known, trusted source.

• Related to phishing: Expect to see a rise in spoofing emails to initiate fraud. Your organization, vendors, and clients may be sending you many emails about new workflows, processes, or reassurances to employees. Watch out for those disguising themselves as high-ranking employees and pay close attention to the actual email address of senders.

• Beware of overexposure on social media, and try to maintain typical behavior and routine: Do you normally check social media on your phone during lunchtime? Do the same now. Once again, watch out for scams and misinformation, as cyber criminals love using social media to lure in their victims.

Other security precautions

Not every organization was prepared for this scenario, so it’s only natural that some may not have the level of remote security in place that yours does. This could lead to your company being compromised by a vendor or customer’s lack of preparedness. Make sure to get yourself up to speed with the guidelines that your organization has in place for remote work. Ask for directions if anything is unclear.

Not everyone has the same level of tech savvy—the only stupid question is one that isn’t asked.

On a different note

This is a big adjustment for many people. Your first few weeks of working from home may left you irritated, uncomfortable, unmotivated, or just plain exhausted. Adding cybersecurity tips to the list may just add fatigue right now. We understand. Take it a day at a time, a step at a time.

When working from home, find a comfortable working area where you can assume a healthy posture, minimize the distraction from others, and where your presence has the least impact on how others have to behave. Take breaks to stretch your legs, and give your eyes a rest. And if you enjoy working from home, now is the time to prove to your employer that it’s a viable option in the long run.

Stay safe, everyone! Now more than ever.