March 30, 2020

Remote Work & Cybersecurity: How You Can Help

Custom development

As I, and many others, navigate the shift to full-time remote work in the wake of COVID-19, most of the discussion I encounter is focused on collaboration methods — and rightly so. Staying productive and motivated are critically important during such a major transition. But as essential as collaboration is, we can’t forget about keeping our devices and networks safe. As a cybersecurity professional, I wanted to share some best practices and tips that — now more than ever — are important to keep in mind as we all work from our home networks.

Don’t click the link!

It’s not technology that makes or breaks corporate security. We, as employees, are the weakest link in the security chain.

Yes, our corporate computers are protected with security software, but one poor decision to click a link in an unsolicited email can give an attacker ongoing access to my computer, my passwords, and my company’s network and data. Attackers are already sending phishing emails trying to get us to click malicious links by referencing enticing virus-related news. Don’t fall for it!

As someone who has developed cyber training content for many Fortune 500 companies, even I once made the mistake of clicking a link in a client-organized phishing email attack simulation while working at a client site. When I saw the email I thought, “Why would you send an email like this to your employees? I’m curious – this seems strange.” In other words, my mental alarm bells did go off, but I clicked anyway.

Keep your work life and personal life separate.

Your company may or may not have put an Acceptable Use Policy in place that defines expectations around reasonable personal use of company computing resources, but regardless, you should still take steps to limit personal browsing and perform personal digital tasks on a personal device.

Remember, if you are connected to your company’s corporate network through a VPN, all your web traffic is passing through their servers. YouTube, Facebook videos, and any other streaming content consume a lot of bandwidth and can bog down your company’s network.

It’s tempting to do everything all on one machine just to save time. Fortunately, personal devices are nearby all day long, so it should be easier than ever to use them for quick personal tasks instead of using your work computer.

Secure your home network.

1. Use Wi-Fi encryption and a long, complex password. Prevent unknown individuals from accessing your home Wi-Fi network. This is especially important for employees who live in cities where many people are within range of your Wi-Fi signal.

2. Be mindful of who is using your network. Children, other family members, and in some cases, neighbors may be on your home network (whether authorized or unauthorized). They may not understand safe browsing practices and, if their devices are compromised, could unknowingly provide an attacker a way onto your corporate computer and the corporate network.

3. Connect insecure devices using a guest network. Most modern routers come built-in with the capability to provide two separate Wi-Fi networks: a primary network for your computers and a separate guest network for others. The guest network should also be used for non-critical devices. (if your camera feed isn’t already publicly viewable on the internet). While there are promising industry trends and regulations aimed at improving this (e.g., the California Internet of Things Security Law which went live January 1, 2020), we have a long way to go before these devices are secure. Until then, it’s a good idea to isolate them from your most important devices and data.

4. Remember that Alexa, Siri and Google Assistant may be listening. Regardless of whether you work in an extremely sensitive organization or group where critical information is discussed by phone or video conference, remember that any device with voice-activated services is listening 24/7 unless you configure it not to. Every time you speak within range, your voice is being processed and stored either on the device, in the cloud, or both. Because these services have been scrutinized in recent years, many significant security and privacy concerns have decreased. But the devices on which they run (especially those not made by Amazon, Apple or Google) may have weak security and could be hacked, allowing an attacker to monitor your home remotely and compromise other devices on your network.

    Use VPN to access company resources.

    VPN encrypts all internet traffic to and from your computer, preventing an attacker who may be spying on your connection from intercepting any readable data or credentials that would give them access to your account or other corporate data. The challenge is that VPN is not always the easiest or quickest option to operate securely. Logging into VPN and managing your passwords, for example, are both activities that take time.  Regardless, it’s a good idea to use it anytime you are not in an office connected directly to the company network, and especially when you’re connecting from a coffee shop or other public or open network.

    It’s up to each of us as individuals to reduce cyber risk for ourselves personally and for our organizations. While no one expects your at-home computer use to be perfect, I hope you’ll implement these recommendations to help you operate more securely as you work remotely.

     



    Related Posts

    November 20, 2024
    Unveiling the Power of Intelligent Virtual Agents in Contact Center Solutions

    In the rapidly evolving landscape of contact centers, businesses need to meet the expectation of seamless, personalized, and efficient customer service interactions. Intelligent Virtual Agents (IVAs) have emerged as a powerful solution for meeting these demands. IVA systems are AI-driven solutions that enable businesses to automate responses and provide human-like, intelligent interactions that align with […]

    Read More
    November 6, 2024
    Master Contact Center Management: Key Principles for Success

    Effective contact center management goes far beyond answering customer calls. Call center managers tend to a variety of needs day in and day out. Some of these needs include prioritizing customer satisfaction, agent-well being, and keeping your technology and workflows up-to-date.   Today, CCaaS (Contact Center as a Service) Solutions involve more than just fielding calls. […]

    Read More
    August 19, 2024
    Exploring Microsoft Fabric: Features, Use Cases, and FAQs

    Microsoft Fabric is an innovative new analytics platform for data-driven organizations. The MS Fabric toolset is impacting data-driven organizations across industries for the better, and Kenway is continually learning how to leverage these data advancements to solve clients’ unique challenges. This blog will explore what Microsoft Fabric is, why the tools the platform offers stand […]

    Read More
    1 2 3 25

    Read More

    White-Glove Consulting

    Have a problem that needs solving? A process that could be smoother?
    Reach out to Kenway Consulting for a customized solution that fits your needs today.

    CONTACT US
    chevron-down