8 Security Basics Remote Workers Must Practice
Now that people have proven they can work productively from home, many organizations plan to maintain a hybrid work environment in which employees can split time between home and the office. Doing so will require a strong emphasis on security — not only by corporate entities, but by workers themselves.
Authorities have documented increases in ransomware, phishing, credential stuffing and other types of cyberattacks during the pandemic, with a majority of them targeting employees working from home. Lacking the protections of a secure office environment, remote workers often engage a variety of risky behaviors such as reusing passwords, clicking unknown links and using public Wi-Fi networks.
Although companies are responsible for implementing a multilayered defense, individual employees must also do their part by practicing good security hygiene while working from home. Cybersecurity experts at the National Institute for Standards and Technology (NIST), Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) offer the following best practices for remote workers:
1. Read and comply with your company’s remote work policies. Such policies should define which forms of remote access are permitted, which types of endpoint devices are permitted and what level of access each worker is granted. According to one recent study, 67 percent of remote workers admit to finding workarounds to corporate security policies by sending work documents to personal email addresses, sharing passwords and installing rogue applications.
2. Be vigilant about email threats. Don't open emails from senders you don't recognize, don’t click on email links if you aren’t certain that they are legitimate, and don’t open email attachments or web links unless they are expected and come from a trusted source.
Working from home will require a strong emphasis on security — not only by corporate entities, but by workers themselves.
3. Practice good Wi-Fi security. When working remotely, your home Wi-Fi network effectively becomes part of the company’s network. Always change the wireless router’s default password to a strong, unique password featuring a mixture of letters, numbers and symbols. Disable the remote administration feature. Update security settings to WPA2 or WPA3 encryption. Never use public Wi-Fi networks when connecting with the corporate network.
4. Use a VPN. If your organization has a virtual private network (VPN), use that to connect to the company network. VPN tunnels ensure that data being transmitted between a remote user and the office network is encrypted and protected in transit. If you don't have a VPN on your device, contact your company's help desk to see if one is available. Think twice about using a free VPN service, however. Many monetize their service by logging your activity and selling it to third parties for building online advertising profiles.
5. If possible, use only computers and mobile devices approved by your organization. If your company doesn’t provide these devices, make sure your personal devices have basic security features enabled. For example, enabling the PIN, fingerprint or facial ID feature will prevent people from gaining unauthorized access to a device. Use remote wipe solutions so you can erase data on a device that has been lost or stolen.
6. Keep your computers and mobile devices patched and updated. It’s estimated that more than half of all breaches exploit known vulnerabilities that have not been patched. Most endpoint devices provide an option for checking and installing updates automatically. Enabling that option can be a good idea if you don’t want to check for updates periodically.
7. Don't print work documents unless it is absolutely necessary. If you must print work-related documents, store them in a locked file cabinet where they can't be seen by visitors, friends or family. Have a shredder at home to destroy any printed information once it is no longer needed.
8. Work with your IT help desk. If you’re seeing unusual or suspicious activity on any device you’re using for work, contact your help desk or security operations center to report the activity.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.