Security Best Practice: Working From Home
Cybercriminals see a crisis as an opportunity. Major change brings disruption, and businesses transitioning to working from home arrangements can be an attractive target.
There are three main areas of concern related to working from home.
It’s important to be on your guard and escalate anything abnormal.
- Be extra vigilant when you receive phone calls and messages from unknown sources.
- Exercise caution in opening messages, attachments, or clicking on links from unknown senders. Verify the sender’s identity by calling them or check with trusted people that might know them.
- Any request for sensitive information (personal details, password, bank details) needs to be verified first. Be especially cautious if there is a sense of urgency.
- Do not click (or copy and paste) the links provided in emails/messages. Always type the URL.
- Triple check anything that you think is “too good to be true”.
- Use a different password for each application and website. You can utilise password vaults to manage all your passwords rather than remembering them.
- Use passphrases rather than passwords where possible. Use multiple words that you can picture in your head. Like “I walk to work when it’s sunny and drive when it’s rainy” the passphrase can be “$unWalkr@indriv3”.
- Don’t use the above example. It’s a sample only. 😊
- Most applications offer Multi-Factor Authentication. Enable 2-Factor Authentication as a minimum where possible.
- Treat your home network as an untrusted network. This might sound strange but remember, home networks usually have close to no protection compared to what you have at your workplace. Just think of all of the games and apps kids install on their tablets, and the IoT devices with default credentials like TV, Chromecast, Apple TV and air-conditioning.
- Use a secure way of accessing your corporate network (VPN, Citrix) if available.
- Secure your devices when not in use. Don’t lend laptops to children or other members of the household using your work profile or account. They could unintentionally share or delete important information or introduce malicious software to your device. If you do share your computers or devices with family or your household, have separate profiles so that each person logs in with a unique username and passphrase.
- Make sure your computer is still getting relevant patches and updates while you are working remotely.