You, Hackers, And Office Security

Introduction

As the world emerges from the pandemic, it is fair to say that working from home (WFH) is something that employees will do either permanently or part of the time. At the very least, all businesses must be prepared for future situations where going into the office is not an option.

Business owners, CIOs, and IT Managers must fully prepare their companies to function remotely at a moment’s notice. At the beginning of the pandemic, there was a mad rush to WFH for what we thought was for a few weeks, but it turned out to be much longer.

Cybersecurity Needs To Be Top-notch

While you might still use the dining room or coffee table as a desk, the physical setup is not as important as the setup of things not readily seen at first sight. If you haven’t addressed it yet, now is the time.

Physical security of your devices. This means your laptop, or desktop, and mobile phone. If you have to leave these unattended for any time, make sure that that they are set to lock or, better yet, shut down. While theft isn’t something you plan on, it can occur. If you are working in a shared space of the house, move the devices at the end of the day to a location that is safe and out of sight.

The access that your device provides also should be reviewed. If you are using a personal device, this is even more important.

  • Are your passwords shared across accounts? If yes, change them.
  • Consider using a password manager to store all of your passwords.
  • Ensure that file sharing is turned off if you are on the home network.
  • Turn on encryption and multi-factor authentication.
  • Make sure ALL company files are saved to your company’s server and not on your device so they can be adequately protected and backed up.

Avoid using personal devices to access the company network. Personal devices that use outdated software, unsupported operating systems, have inadequate or non-existent security programs, and are shared with other family members are a significant risk. Poorly secured devices can pass malware onto the corporate network during work sessions.

Disable digital assistants while working. Products like Amazon Alexa and Echo, Apple’s Siri, and Google Assistant are generally listening all of the time when turned on. That means recordings possibly exist somewhere online. You don’t want confidential corporate discussions suddenly available “out in the wild.”

A VPN with encryption is a must. NEVER access your company’s network from outside the office without one. Without a VPN, your communications between you and your company can be hijacked by cybercriminals.

Pay attention to your home Wi-Fi:

  • Never leave the default password for any device! Change them all, especially on routers.
  • Make sure you’re using the latest Wi-Fi security protocol, which is WPA2.
  • Disable remote access, Universal Plug and Play, and Wi-Fi Protected Setup. These features have good intentions but make it easier for unauthorized access. You can always enable a feature if you later need it.
  • Set up a Guest Network for others to use, separating access to your network.

Adhere to all company security policies and procedures. They are there to protect the company and you. Just because you’re out of the office doesn’t mean that they no longer apply.

Conclusion

Business has changed quite a bit since COVID. The pandemic has increased cybercrime substantially, opening new avenues of attack against companies. Hackers know that home networks are generally not very secure like their corporate counterparts, so they’ve stepped up their attacks against home-based workers. However, with a bit of thought, you can increase your security and keep your employer’s data safe.

XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions. We provide Disaster Recovery as a Service (DRaaS), Backup as a Service (BaaS), Cloud Data Protection (CDP), and Managed IT Services (MSP). Call (845) 362-9675 for a free consultation. Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection