As millions of people rush to set up workstations at home amid the COVID-19 coronavirus pandemic, it’s important to slow down and keep security in mind. While security risks always existed, many workers had to make the change almost overnight, packing up the contents of their desks, grabbing their laptops, and setting up at the home office the next day, leaving little time to think about security best practices.
What are the Most Important Steps to Secure Your Home Office?
VPN – Still the Safest Way to Connect to the Office
A VPN (Virtual Private Network) is one-way remote workers can establish a safe connection to the office. Utilizing a VPN creates a secure, encrypted tunnel between a device or even an office location and a firewall or private server located elsewhere. This blocks anyone from viewing or modifying Internet traffic.
A remote user runs an app with preconfigured connection settings and logs in using their normal network login information. Once connected, it is like sitting in the office, albeit a little slower depending on the Internet connection.
Multifactor authentication provides additional security as far as who is logging in remotely. It does this by requiring something in addition to a username and password. Typically, two of the following three common options are used: a known component (e.g. username/password), a provided component (e.g. a time-sensitive code), and an inherent component (e.g. a fingerprint). Many websites already encourage multifactor authentication, they usually only provide for combining your username and password with a time-sensitive code. A code sent to you via text in some cases.
Multifactor is important for remote users because it prevents criminals from being able to log in remotely by somehow obtaining only their password – it requires that additional factor which the criminal will not have. Learn how to best set up multi-factor authentication for your employees both remote and those in the office.
Make Sure Home Computer Has Updated Antivirus Software
If you are using a home computer to connect to your business network, you’ll want to make sure it has antivirus software. Antivirus software is readily available and easy to install; subscription-based solutions can be found online and downloaded. The best programs run in the background automatically and update themselves to protect against the latest threats. While it’s important to have it set up, know that anti-virus is only one component against today’s security threats.
Protect Your Home Office Wireless Connection
In many cases, once a Wireless router has been installed, we find a place in our home for it and forget about it. As long as all our devices are set up and connected via the Wi-Fi network, that’s all that matters, right? Wrong! To ensure that you are protected against potential hackers, here are 5 ways you can protect your home office wireless network.
- Router Security
Using the encryption on your Wi-Fi router is the first and most basic step of securing your home network. To do so, you will need to access the security settings for your router. Look for the options to encrypt the signal, these will include WEP, WPA, and WPA2. WEP is the least secure option and it should only be used if your devices do not support the other options. Opt for WPA or WPA 2.
- Hide your Network
The SSID is essentially the name of your home network. When your router is set to broadcast the SSID, it provides devices that are searching for a wireless network, with the name of your connection. If a person can identify your network, this gives them the first piece of information that they will need to access it. With this feature disabled, any person that wants access to your network will need to find the name of the connection before they can start trying to hack your password. This creates another layer of protection.
- Customize your Network Name
Changing the name of your network is a good idea for two reasons. The default name on the router is likely to be something very common, such as the word default, or the name of the manufacturer. By changing it, you show any potential hacker that you took the basic security steps to protect the connection. It also makes it more difficult to guess after disabling your SSID broadcast.
- Password Change
Every router has a password to allow for administrative access. This is where you go to make adjustments to how the network operates, or to change settings such as the encryption. The problem is that with most wireless routers, the default username and password will be something simple and easy for an outside individual to find out. Go to the security settings on your router, and change the password to something that only you will know.
- Choose Who Has Access
Even with all of the above steps, it may still be possible for a determined individual to gain access to your home network. With MAC filtering, you can ensure that only devices that you trust will be able to gain access. Every device has a MAC address and you can list the devices that you want to grant access to in the MAC filtering settings.
How Can Employers Help Increase Security for Their Remote Employees?
Set-up Session Time-outs for Sensitive Programs or Applications
While a user should not have to reconnect after walking to the kitchen for a cup of coffee, it is important to realize that not all employees will have the discipline to log out for the day.
Limit Program/File Access to Only the Areas Absolutely Needed by that Employee.
Also known as the principle of least privilege, an important design consideration in enhancing the protection of data and functionality from faults and malicious behavior. While the concept of least privilege is relatively simple to understand, it can be complex to effectively implement.
Provide Services for Remote File Storage
Because of its ease of use, employees want to move files in and out of personal cloud storage accounts as they work from their home office. While this seems like an efficient and harmless practice, personal cloud storage accounts have a higher tendency to be hacked. If your private company information or client information is sitting inside of your employee’s personal cloud account, you’ve just opened up a huge security issue for your company.
Offer Security Awareness Training
Now is the time to be extra vigilant when it comes to security. Workers are distracted by their disrupted routines, new work environments and may be more likely to click on an email that seems like it’s from the IT department or a vendor when it turns out to be a phishing attack. While they are your biggest asset, employees are also the weakest link of your company’s cybersecurity. This means that ensuring they have cybersecurity awareness training to defend themselves and your company against threats is a critical part of a healthy cybersecurity program