This has been an adjustment, sure. But many are finding that this crisis has pointed out just how many of us really can do our jobs from home, and as a result, around one quarter of companies plan to keep their pandemic-induced work-from-home policies in place even after this public health emergency comes to an end.
In general, this is great news. But working from home – whether in a home office or at the kitchen table – comes with some threats that many of us have never considered, and it’s important to address these to keep you and your company safe. Below we’ve identified the major threats that are out there as well as some strategies you can use to protect yourself.
Some Cybersecurity Stats to Consider When Working From Home
Top Threats Facing Your Home Office
For you to understand why the security measures we’re going to suggest you implement are necessary, it’s important to first understand what threats you actually face while working from home.
In general, these dangers are avoidable, but assessing the risk is important to any mitigation strategy, so here are the things you need to watch out for and defend against:
Almost all of our valuable information – personal, financial, legal, etc. – is stored in a variety of digital formats, and because it’s valuable, it’s only natural that there are people out there who are looking to steal it. To get it, cybercriminals need to “hack” into whatever system that has the information they want, which is tech-speak for gaining access to something they don’t have permission to access.
As a result, preventing against data theft and hacking means making sure that all the systems you use that store valuable information are properly guarded. And when you’re working from home, this is especially important because one misstep could provide hackers with access to information that would compromise not only your company but also your customers, which can have devastating effects.
One thing to point out is that hackers no longer only target large companies. Yes, big corporations do have more data, but they also have more resources to protect it, so they are tougher to hack. As a result, hackers are increasingly targeting smaller companies because while they have less data, it’s easier to access.
For you working from home, all this means is that you need to be vigilant no matter what type of company employs you. The risk is always there and you need to make sure you’re properly protected against them.
Identity theft has been a risk we all face for longer than our lives have been as digital as they are. However, with more of our lives online than ever before, it’s become easier for someone to assume our identities and act on our behalf, potentially wrecking our personal and financial lives in the process.
However, when you begin working from home more often, the potential consequences of identity theft become even more severe since allowing someone to gain access to your personal information could lead them right into company systems, which could lead to more data/identity theft and put your company’s survival in jeopardy.
As a result, while this is always a concern, when working from home, it’s especially important you take all possible precautions to keep your identify safe.
Viruses, Malware, Ransomware
Another major cybersecurty threat to consider are those which come from the many different types of malicious software out there. These programs “infect” your computer and either hold it hostage until you turn over money or information (ransomware), record or track your movements (spyware), or just straight up steal your data (virus and other malware.)
Unfortunately, the ubiquity of malware and other types of destructive programs means they have become a fact of life, and while installing malware on your personal computer won’t always result in a catastrophe, doing so on a computer you use for work is much more likely to do so. It’s therefore essential that you learn as much as possible about detecting malware so that you can spot it and prevent it from ever reaching your hard drive.
One threat we don’t consider too often but that is becoming more and more real every day is that posed by cyberbullying, which is essentially the same as the bullying we all know and recognize but that takes place in a digital setting.
Many think this threat is something reserved just for children, but a considerable amount of adults have either experienced or witnessed cyberbullying when online.
Working from home requires to you interact in far more digital spaces than perhaps you’re used to and inappropriate or offensive comments can lead to much more dramatic consequences since many workplaces have little to zero tolerance for things such as cyberbullying.
Protecting yourself from both engaging in and falling victim to cyberbullying requires you to understand what it is and also implement some common sense tactics to ensure that the online environments in which you operate are entirely safe and secure.
When we think about protecting our home offices, the first thing we tend to think of is protecting it from the many online threats that are out there. However, in doing this, we must not forget to pay attention to the physical security in our offices. Letting you computer, phone, or whatever device you use in your home office can have devastating effects for both you and your company.
In most cases, preventing against such a thing requires little more than making sure the office and your devices are properly locked up, but in some situations, you may need to do more.
Tips for Maintaining a Secure Home Office
As you can see, there are many different threats out there that could turn your home office into a liability. However, we don’t want this to scare you, for there are things you can do. All we want is for you to see just how serious the threat is so that you can take action. Assuming you’ve done this, here are some ways you can keep your home office safe and secure.
Start By Learning Your Company’s Work From Home Policy
It’s important to remember that you don’t need to reinvent the wheel. If your company is having you work from home, it’s very likely that they have thought through some of the potential dangers of such an arrangement and provided you with strategies you can implement that will help address the specific security needs at your company.
Things to look for in remote work policy (that you should ask about if they’re left out of the document) include:
- Guidelines about passwords and other login information
- Protocols for data sharing
- Rules and regulations regarding access to certain systems
- Authentication procedures
- Resources to help you be more secure
- Contact information for people who can help you should there be an issue
- Tips on what is acceptable communication and what is not (so as to prevent potential cyberbullying issues)
In the event your company doesn’t have such a policy, or you find that it inadequately addresses the issues at hand, then you should reach out to a supervisor or other colleague and initiate the conversation, for it’s very likely you are not the only person with concerns related to cybersecurity and working from home. Plus, doing this could save your company a tremendous headache down the road. After all, the majority of cybersecurity issues companies face stem from employee mistakes.
Practice Good Password Habits
A good, strong password is your primary and often most effective defense against the cybersecurity threats we’ve mentioned are lurking in the shadows of your digital work environment. However, many people don’t recognize this and don’t take the time to make sure their passwords are able to keep them as safe as they possibly can.
The first thing you should do is make sure all your devices are password protected and that changes cannot be made to the system without administrative approval, meaning you need to enter your password to do so. This puts up a solid line of defense should anyone or anything (think malware) get into your computer and attempt to access data or make changes that could lead to a hack or something worse.
In addition, make sure that all of your accounts are secured with good passwords. These days, this is required in most cases, but it’s smart, especially when you’re working from home, to go the extra mile and make sure that your passwords are extra strong.
For those who don’t know, a strong password includes:
- Difficult to guess letter/number combinations. This means not using birthdays, addresses, names, etc., and it also means not using things such as “123456” or something similar.
- Numbers and symbols. Throw in an @ sign instead of an “O”, or an exclamation point instead of an “I.” These simple tricks make your password infinitely more difficult to guess, helping to keep your accounts and devices secure.
- At least 8 characters so that, once again, it’s difficult for someone else to guess.
Other things to keep in mind include making sure you change your passwords once every six months or so to prevent anyone who might get a hold of them from accessing the accounts their meant to protect. Also, make sure you NEVER share your password with anyone.
One thing you can do is to use auto-generated passwords. These are usually long and impossible to guess, making them the most secure. However, you won’t be able to remember these on your own, so if you go this route, make sure to use a password manager such as Last Pass that will save and encrypt your passwords.
Build the Habit of Locking Computers
If you have ever worked in an office, you are likely used to the habit of locking your computer using “CTL + ALT + Delete” when you’re away from your desk. We recommend you continue this habit even when you’re working from home. This way, when you step away from your computer, the various files and databases you have open remain protected. For some, this might seem like an unnecessary step, but it’s important to get into the mindset of constant vigilance, which is what will ultimately keep you and your office safe.
Establish Good Physical Security
We mentioned earlier how it’s important that you don’t allow your focus on protecting against cybersecurity threats to blind you to the other threats that exist, such as that of a break-in.
However, protecting against this is pretty simple. Just make sure that you secure your devices in a room that locks, or a drawer that you can lock, when you’re not using them. For those who have extra sensitive information on their computers/phones, it might not be the worst idea to set up some sort of alarm system that allows you to further protect the space you use as your home office.
In addition, you could expand this security system to include your entire house, which will help give you peace of mind as it relates not only to the security of your home office but also your entire house.
Implement Two-Factor Authentication
One really simple way of protecting against the many threats that are facing your home office is to enable two-factor authentication wherever possible. This service is becoming more and more available, and it’s so simple that it would be a crime to not use it, especially when you are working from home and need to protect the sensitive information that relates to your job.
For those who don’t know, two-factor authentication is a security protocol that simply asks for two forms of identity validation before providing you access to a system. For example, it might first ask you for a password but also an answer to a security question. Or, another form that is becoming increasingly popular relies on you linking your account to a phone number and then entering a code that is sent to that number after typing your password, which helps ensure that it’s really you rying to access the account in question.
This is a really simple and easy to set up security protocol that will go a long way towards ensuring your accounts, and by extension, your home office, are as secure as they can possibly be.
Practice Spotting Phishing
Phishing, for those who don’t know, is the tactic hackers use to try and get you to willingly hand over information related to your accounts so that they can gain access to a database they deem valuable. It’s one of the most common forms of cybercrime and is surprisingly effective.
Typically, phishing attempts look shockingly similar to official correspondence from a service you use, but there will almost always be something wrong. To check if something is real or not, do the following:
Once you get the hang of this, it actually becomes quite easy to figure out when someone is trying to steal your information. But for those who are struggling to figure out what’s real and what’s not, then consider practicing with this free tool provided by Google. Familiarizing yourself with the patterns that appear in phishing will help keep you and your company safe from most attacks.
Install Anti-Virus Software
Although far from perfect, anti-virus software is a very useful line of defense against the many threats that are out there and is a “must have” for anyone working from home. Not only do these programs help you remove malicious software should it make it onto your computer, but they also do real-time checks to alert you of potentially dangerous sites and links before you click them, and they also put a step between downloading and installing programs downloaded from the internet, which give you the chance to review that what you’re doing is safe.
In most cases, your company should provide you with some anti-virus software, but in the event they don’t, then you should reach out to someone and find out how to get access, or, in a worst-case scenario, purchase a subscription for yourself.
Protect Your WiFi Network
Relying on your home WiFi network for work means you need to make sure it’s properly secured and protected, which you can do by following these steps:
Download a VPN
A virtual private network (VPN) is a tool that allows you to encrypt your WiFi network so that it appears you are browsing from somewhere other than where you actually are. This helps keep your online activity and identity private, adding another layer of security in the meantime.
Many companies will require you to use a VPN if you are going to work from home, especially the larger ones, but if you work for a smaller company, you may need to get this service on your own, which you should.
However, one thing to note is that a VPN will slow down your network connection, so make sure you have the performance you need before installing a VPN, as this will help prevent some headaches down the road.
Encrypt Your Data
One thing you can do to ensure your home office is extra secure is to encrypt the data on your devices. All this means is that this information will be inaccessible to everyone except those who have the key, which would presumably be limited to yourself and few others.
For many, such a step might be overkill, but if you have lots of sensitive data on your devices, it’s necessary. However, if you want to go this route, speak to a cybersecurity expert at your company as setting this up can be complicated and you want to make sure you’re not making things harder for yourself down the road.
Regularly Perform Backups
This should be a part of your cybersecurity practices anyway, but ensuring you’ve backed up the information you’ve stored on your devices is essential. This way, if your computer does get compromised by a virus or some other form of malware, you can wipe it clean and not worry about losing everything. You can backup your data manually by setting a reminder to do so once a week or month, or you can use a cloud-based system that will do this automatically. Which one you choose depends on your needs, but the bottom line is that backing up your data is essential to keeping your home office safe and secure.
Whether you’re new to working from home as a result of the pandemic or been doing it for a while, you’re likely familiar by now with how great of an arrangement this can be. However, as with everything in life, the good comes with the bad. But don’t let this discourage you. Instead, be aware of the risks and take the necessary steps to secure your home office. And don’t ever let up; in the end, constant vigilance is the only thing that will keep you safe forever.