Confronted with widespread human, social, and economic ramifications surrounding COVID-19, businesses and individuals are facing unprecedented times.
One of the key preventative measures to reduce the spread of the virus is social distancing, which for many organisations means encouraging – or instructing – staff to work from home.
Luckily, in this increasingly connected world we can continue our professional and private lives virtually. But moving at short notice from a trusted office environment to working remotely can create security risks. With a huge increase in the number of people working remotely – either within countries that are under lockdown or due to responsible social distancing – it is worth keeping in mind that opportunistic cyber criminals revel in exploiting fear and chaos in order to steal money and compromise businesses. At this time it is vital that we take care of our cyber hygiene – which wearing a mask, washing your hands for 20 seconds and practicing social-distancing doesn’t cover.
You can find some quick basic steps on our infographic below to help get you started!
Here are 8 simple ways to work with colleagues online and stay safe, both during and after the coronavirus pandemic:
1. Take a deep breath and re-read whatever work-from-home memo your company sent out. It should outline what programs you should be using for calls, video conferencing, file sharing and whether you need a virtual private network (VPN) to log in to your network. If the memo doesn’t outline these things, ask!
2. Virtual Private Networks: There are two main uses for VPNs. The first are personal consumer VPNs that create a security proxy to the internet so you can maintain your privacy on public WiFi networks. There are also corporate VPNs, which are typically used for accessing office resources. They allow your computer to connect to your company network as if you were in the building. Ask your IT department if you need a VPN and if so, which one they want you to use. If you don’t have an IT department, well-regarded VPN providers include Express VPN, NordVPN, and CyberGhost. Note that these all cost money and that’s a good thing!
3. Your Wireless Network: Almost every home network relies on a wireless (or
Wi-Fi) network these days. Securing your wireless network is a key part of protecting your home:
Change the default administrator password to your Internet router or wireless access point. (Whichever one is controlling your wireless network.) The admin account is what allows you to configure the settings for your wireless network.
Ensure that only people you trust can connect to your wireless network. Do this by enabling strong security. Currently, the best option is to use the security mechanism called WPA2. By enabling this, a password is required for people to connect to your home network, and once connected, their online activities are encrypted.
Ensure the password used to connect to your wireless network is strong and that it is different from the admin password. Remember, you only need to enter the password once for each of your devices, as they store and remember the password.
Many wireless networks support what is called a Guest Network. This allows visitors to connect to the Internet, but protects your home network, as they cannot connect to any of the other devices on your home network. If you add a guest network, be sure to enable WPA2 and a unique password for the network. Not sure how to do these steps? Ask your Internet Service Provider or check their website, check the documentation that came with your Internet router or wireless access point, or refer to their respective website.
4. Your Devices: The next step is knowing what devices are connected to your wireless home network and making sure all of those devices are secure. This used to be simple when you had just a computer or two. However, almost anything can connect to your home network today, including smartphones, TVs, gaming consoles, baby monitors, speakers, or perhaps even your car. Once you have identified all the devices on your home network, ensure that each one of them is secure. The best way to do this is ensure you have automatic updating enabled on them wherever possible. Cyber attackers are constantly finding new weaknesses in different devices and operating systems. By enabling automatic updates, your computer and devices are always running the most current software, which makes them much harder for anyone to hack into.
5. Passwords: The next step is to use a strong, unique password for each of your devices and online accounts. The key words here are strong and unique. Tired of complex passwords that are hard to remember and difficult to type? So are we. Use a passphrase instead. This is a type of password that uses a series of words that is easy to remember, such as “Where is my coffee?” or “sunshine-doughnuts-happy-lost”. The longer your passphrase is, the stronger. A unique password means using a different password for each device and online account. This way, if one password is compromised, all your other accounts and devices are still safe. Can’t remember all those strong, unique passwords? Don’t worry, neither can we. That is why we recommend you use a password manager, which is a special security program that securely stores all your passwords for you in an encrypted, virtual safe – like LastPass. Finally, enable two-step verification whenever available, especially for your online accounts. Two-step verification is much stronger. It uses your password, but also adds a second step, such as a code sent to your smartphone or an app on your smartphone that generates the code for you. Two-step verification is probably the most important step you can take to protect yourself online, and it’s much easier than you think.
6. Back-up your data: Most companies do behind the scenes backups of their networks so workers never have to think about backing up. Check to see if that will still happen if you’re working remotely. If it won’t, ask what your company wants you to do. For small amounts of data, you can store files for free on Google Drive and DropBox and their plans for storing more probably won’t break the bank. Again, you get what you pay for.
7. Signing documents remotely: If you’re not in the office to sign forms, DocuSign and HelloSign are secure and widespread programs to get signatures on things that need signatures.
8. FaceTime, Google, Slack or Teams. Chances are you’ve already got the programs you need on your computer and phone for conference and video calls. If you don’t, see what your work is recommending. If you have to download new apps, make sure you’re getting them from either the Apple App Store or Google Play Store. Both companies are being extra careful about apps at this point. Do not under any circumstances use third party application sites — they’re known for being malware havens. If you see a tool you’ve never heard of, instead of going ahead and downloading it, ask someone at work.
BeCybaware: Exercise caution in handling any message with COVID-19-related topics, such as social media links, email attachments and hyperlinks. Perform due diligence of any social media plea, text, or call related to COVID-19.
Cyber Stealth empowers cyber heroes with world-class security awareness training and simulated phishing.
It's Cyber Made Simple.
