Securing Your Infrastructure When Working From Home
Working from home (also called telecommuting) is becoming more and more common. If you are new to this remote work arrangement, you may have many questions, especially around cybersecurity.
In most offices, employees can rely on an IT department to set up their work environment. However, working from home is quite a bit different, and you may have to do it yourself. From setting up your actual machine to installing software to applying updates and patches, more and more of what is considered traditional IT work falls to the employee to do at home.
One of the most important aspects to get right is security. Since you will be handling sensitive company information and private data, it is critical that your personal equipment not be compromised.
Threats that aren't present in an office environment are quite real when working from home.”
If your company has an IT department, be sure to consult them. It is likely that your organization already has cybersecurity policies that you can and should follow. These policies are designed to protect both you and the company, keeping your interests aligned.
And if you are using a computer provided by your company, it may come with many security features pre-configured. Make sure to use only that computer for any work-related activity.
Once that is done, you should protect your personal computers and information. If hackers or nefarious parties can access your machine, then all of your private work data and information are at risk.
Secure Your Computer
There are some basic steps that you can take to increase the security of your computer:
Use an Antivirus and a Firewall
When your computer is connected to the internet, there are viruses and malware that can cause significant damage; an antivirus and a firewall will protect your computer against them. Your computer should come with these cybersecurity tools pre-installed. If not, make sure to install them or consult with your IT department.
As a reminder, double-check that both the firewall and antivirus are working correctly.
Keep Your Software Up-To-Date
Updates fix security holes within your software. Typically, your operating system and the apps installed from its app store will be automatically updated. You can also schedule these updates to happen when you are not using your computer.
Many people do not realize that many software updates are about patching known cybersecurity vulnerabilities, and not updating software in a timely manner will leave their machine vulnerable to intrusion.
Install and Run Only Applications From Trusted Sources
Ideally, you should obtain your software from the official app store or publisher. If you download software from the internet, make sure that it comes from a source that you know and trust. Even better, ask your IT department to download and install the software for you, even if it's done remotely.
Be mindful not to download software, particularly .exe files, that are unfamiliar or unneeded.
Protect Your Personal Information on the Internet
Take the following cybersecurity measures to keep your data safe:
Use Strong and Unique Passwords
Use strong and unique passwords when registering any new account so that potential hackers cannot guess them. They should contain a combination of uppercase letters, lowercase letters, numbers, and symbols.
Don’t use the same password on multiple websites. Otherwise, if one of them is compromised, that password could be reused by hackers to access your other accounts.
You can use a password manager to help you remember all your passwords. It can even generate these passwords for you.
Furthermore, it would be best if you changed your passwords at regular intervals. We recommend a password change every three months to keep your accounts as secure as possible.
Enable Multi-Factor Authentication (MFA) When Possible
Most websites offer the option of configuring a secondary authentication method, also known as Multi-Factor Authentication (MFA), like a mobile app or an email address. This protects your account even if your password is stolen, denying access to accounts from a different device.
Only Share Your Personal Information With Trusted Websites
Having less information on the internet reduces your exposure to identity theft, including social media sites, banking and investment sites, retailer sites, and more. Never share your passwords directly with anyone, not even to your bank. If you have an issue signing into a website, that website should offer you the option to reset your password to a new one.
Be Careful of Phishing Scams
Phishing scams are attempts to steal your money or your identity. If you receive an email warning you about a threat or promising a reward, double-check its validity by going yourself to the official website mentioned in the email or consulting with your IT department.
Do not click on any links in that email; it might lead you to a website that looks official but is actually a fake copy designed to obtain your password. American companies lost close to half a billion dollars to phishing scams in 2017 alone, so not only is the threat real, but so too is the impact felt by businesses themselves.
Enable Full-Disk Encryption
Most modern computers have the option of encrypting all your data automatically. This protection does not impact your ability to work but does provide an excellent source of additional security for your files and data.
Make Regular Backups of Your Data
Keep a copy on a USB drive and store it somewhere away from your computer. That way, if your computer gets damaged or stolen, you will still have your data stored in a safe place.
You can automate this process with software backup tools. Your computer likely has a tool to back up your data online.
Secure Your Work Documents and Information
When you open an email, a document, or any other information coming from work, make sure that it stays secure and confidential:
Store Your Data Safely
If your company provides a platform for storing your work, you should use that whenever possible. This platform is typically secured, encrypted, backed up, and always available.
Commonly used tools like OneDrive or Teams from Microsoft, G Suite and Drive from Google, Dropbox, and Box.com offer largely-secure cloud storage options that your company's IT department can administer and secure.
Protect Your Physical Computer
Do not leave it unattended, especially if it is unlocked. Keep your computer in a secure room and consider securing it to your desk for extra security. Just because your computer is in your home doesn't mean it is physically more secure than in an office environment. And while we hope a burglary of your home never happens, computers are high-value items for anyone that might break into your home.
Stay Alert and Informed
If you’re using your computer and notice something strange, let your company’s IT department know. Attempting to resolve a security issue on your own or ignoring it only exacerbates the problem.
Gain Peace of Mind With a Secured Work Environment
Going from working at the office to working from home can be a difficult transition. But that's all the more reason to re-focus on securing your hardware and software. In a time of transition, what you don't need is uncertainty and discomfort.
A properly secured work environment should provide peace of mind to both you and your employer.”
Take the time to adapt and get comfortable in this new environment. Following the best practices above should keep both your physical machine and the data that you work with every day from falling into the wrong hands.
Liquid Web Can Help With Remote Work Cybersecurity
At Liquid Web, we've been helping companies with remote work cybersecurity solutions for years by providing secure, highly-available infrastructure for mission-critical applications and websites. Our team of the Most Helpful Humans in Hosting partner with IT departments globally to keep company data and applications safe, secure, and performant, so teams like yours can do their best work on a daily basis.
If you're looking for a partner when it comes to transforming your organization during this rapidly changing time, contact us. We would enjoy the chance to learn about your challenges and goals and explore if the Liquid Web team can be a partner and help you succeed.
Download Your Complete Security Infrastructure Checklist for SMBs
Nick is the Senior Director of Security & Compliance at Liquid Web. He has over 20 years of experience in Technology and brings a wealth of knowledge and a strong understanding of data security to help safeguard our customers' environments.
Keep up to date with the latest Hosting news.