Currently, many workplaces are asking or allowing employees to work from home (WFH) to minimize the spread of covid-19. These “safer-at-home” policies have upended the traditional office workplaces. Gone are the cubicles or open-office desks, meeting rooms and private offices, desktop computers and hard phones. Many companies had been moving towards more cloud and WFH-friendly policies, like providing soft phones run through the cloud, installing email on personal devices, and providing laptops that can be taken home.
However, as more companies have been forced to think about cloud storage, voice over IP (VOIP), virtual conferencing, and other technologies that make working from easier, they often forget one big part of the equation: security. Without the security protocols and services put in place in a physical office, many workers are susceptible to data breaches and scams. Here are six easy tips for working securely from home.
Know that free doesn’t always mean secure.
Unfortunately, the phrase “you get what you pay for” is well-known because it’s often true. We provided a list of 11 platforms offering free services during the pandemic. And while they are very good and it’s good to know what is free, recent news stories about Zoom bombing and other hacks to these platforms have caused security concerns with some of these services. Before using a free service, make sure you check to see what the security of the platform is. If you think you will be discussing confidential information or simply want a higher level of security, consider paying for a service.
Update your devices and software.
One of the easiest (and most cost-efficient) ways of making your devices more secure is by downloading and installing updates. Makers and programmers are always finding vulnerabilities and places where they can improve the security of browsers, apps, and software. By updating to the latest version, you know that you will have the most secure version available.
Lock your devices when you’re not using them.
Another free and easy way to stay cyber-secure is by locking your devices with a password when you are not using them. Although we don’t think that our families, loved ones, or roommates would intentionally steal any information, we can’t discount mistakes. It’s easy to imagine the scenario where you leave your computer open, your kid decides to download a game or click on a popup, and all of a sudden your files are corrupted.
Set up a VPN.
A virtual private network or VPN is another easy way to make the information you receive and send private. A VPN encrypts the traffic coming and going from your computer so that corporate sensitive data isn’t going out on the public internet and prevents bad actors from seeing your information. Typically, a company might set up a VPN for 25 to 35% of employees. With more people working from home, that means that way more than 35% of people are trying to access the VPN and cannot get in. If your company doesn’t have a cloud-based VPN, you can’t easily scale up.
If you work from home but don’t have a VPN set up by your company, you can set one up yourself. You should especially use a VPN any time you are not using a private WiFi network with a password, since free WiFi is not secure. However, when considering a VPN, be conscious of the fact that the VPN will have access to your data and that it may disrupt other apps and services on your computer.
Make multi-factor authentication a habit.
Multi-factor authentication (MFA) provides an easy added layer of security. In most cases, you simply have to turn MFA on for the service you are using. For email, Office365, or other cloud services, multi-factor authentication will ask you to enter your username and password, and then at least one more piece of evidence that proves you are who you say you are. This can include sending a text to your phone, sending an email to a back-up email address, or answering a question you have designated. The theory behind this security system is that while someone may have stolen your username and password, they don’t have your physical phone to receive the code or don’t have the answer to your designated question.
Use what your work provides.
Most workplaces know that cybersecurity is important for myriad reasons. It can be that they’ve heard the horror story of a hacker locking up files for a ransom or they’ve simply seen an employee fall for a phishing email that didn’t lead to damage right away, but compromised the security of the company. Because of this, the technology department probably insists that you only use your work email for work and share files using SharePoint, the company’s DropBox, or their cloud drives. Using these services allows the company to know the level of cybersecurity and could trace any breaches. Similarly, companies usually want you using provided devices like phones and laptops because they can also manage the security there.
If you have any questions or concerns about your work-from-home software and how to make your communications more secure, contact us today.