Working from home can be an efficient way to save you and your business time and money. However, when it comes to cyber security, do you know if your home and work networks are safe?
If you’re conducting business on a home device or anywhere outside of the office, it’s easy to forget about the security of your information. However, to assume that your home system isn’t just as vulnerable to attackers as an office network would be a mistake.
Vulnerabilities of Working from Home
Telecommuting introduces a series of new threats to your business, especially when you are working from home. With the movement towards the Internet of Things, every single one of our devices are connected. This means that even when you are using a work machine, it will connect to your personal devices on your network like your phone, home computer, or anything else. If these devices have low security, then your work machine will be vulnerable through them.
One significant risk is that hackers may be able to access your corporate network or data without having to be on site. When you allow your system to be accessed from the homes of your employees, you also risk allowing that information be accessed from those same locations.
More risks result when you are frequently communicating electronically with your co-workers or employees. Intruders may be able to access, read, or even modify those communications while they are in transit. As soon as that information leaves your environment, it must rely on the teleworking user’s environment and security.
Limit Your Risk
Having good teleworking policies in place is a great start to ensuring your employees are telecommuting safely. Here are some ways workers can limit risk when working off-site.
Lock Down Your Wireless Router
This is a simple fix for an obvious threat. Always remember that anyone within the radius of your unlocked wi-fi signal can use it. This means the risk of outsiders collecting sensitive information from your network significantly increase. Anyone who has access to your wireless connection has access to your network and your data. For example, they might choose to illegally download media on your connection, which would be traced back to your router. Or they may decide to eavesdrop on communications on your network, potentially stealing corporate or client data.
Don’t Use Default ISP Usernames or Passwords
Most of the time, the username and password is a default set for all routers of modems deployed by the ISP. Therefore, not changing them from the default could be a significant cyber security oversight on your part. Remember, a strong password contains 8 to 14 characters and unpredictable symbols (example: ~, $, {, or >). This tip should primarily be employed by those who run businesses out of their homes, or frequently have clients at their home offices.
Use a Work Machine Whenever Possible
If you have a company issued laptop, tablet, or other machine, always use that while conducting business instead of a personal device. The general assumption is that a work machine will have more security. Even so, you get the bonus of keeping all your work files on one hard drive.
You can’t always predict when a cyber-attack might happen, but the better your security, the more prepared you will be when intruders test your system. The key to safely working remotely is ensuring your home network is as secure as possible.
Use Anti-Virus and Anti-Malware Programs
If you don’t already use anti-virus and anti-malware programs for your computer and all software, download it immediately. This is just good practice, even for your personal computers. But just having the programs are not enough. Make sure that you are conducting virus and malware scans on a regular basis. Without these scans, you may go months (or longer) without ever knowing your network, machine or software has been compromised.
Use a Host-Based Firewall
Host-based firewalls are simple to create and the best way to protect your company network. They protect against a wide number of threats including newer, more sophisticated viruses. They also protect your even if your primary firewall is breached or fails and are a second layer of security even if hackers manage to gain access to your corporate network.
Employ Strong Encryption
Encryption itself won’t prevent any communication from being intercepted, but it will make understanding those messages difficult for hackers. Any employees who are communicating sensitive information outside of the protected company network should employ strong encryption to ensure that even if a malicious attack is able to read the message, they won’t necessarily be able to use the information they’ve intercepted.
Use an Air-Gapped Computer
An air-gapped computer is one that ensures that your secure network is physically isolated from unsecured local or public networks. These devices are generally considered to be significantly more secure than others. However, because information can only pass to air-gapped computers via a USB flash drive, other removable media, or a firewall that directly connects two computers, it may or may not work for your business. However, if you think you can still conduct your business this way, it is one of the safest routes to protecting confidential information.
Need Help with Cyber Security?
The Carson & SAINT team enforces a life cycle approach to structuring information security programs that ensure that your organization’s most critical data is protected, safeguarding its confidentiality, integrity, and availability. The technical solution we offer has been vetted over many successful engagements and couples the best of breed methodologies, technologies, and security experts together to bring a holistic view to an organization’s security program.
0 Comments