As a result of the Covid-19 pandemic, many people are working from home on short notice. Remote work poses different security risks than working from the office, and most of us don’t have an in-home IT department to help us navigate those risks! We’ve collected some tips and tricks to help you keep your remote work environment more secure. Whether remote work is a temporary measure or a way of life, cybersecurity matters.
Let’s start with something straightforward but easy to overlook: keep your work area secure. Lock your computer when you get up for a snack and set up your desk so people can’t look at your screen when you’re working. Sensitive information must be protected from unauthorized disclosure, modification, or loss—that obligation doesn’t change when you work from home. If your housemates don’t have access to your regular workplace, they shouldn’t have access to your remote workplace, either. Keep physical or paper-based information in a secure place, and take measures to make sure any work-owned equipment is protected from unauthorized use and theft.
Out of necessity or convenience, some people will be using their own devices or equipment to work from home. If that’s the case for you, be vigilant about tracking any information or work-product saved to personal devices. You may find it helpful to set up a separate folder on your desktop for work-related files—that will make it easier to find and delete those files when they’ve been transferred back to business workstations. And don’t forget to empty the recycling bin! While it’s probably saved you on some occasions when you discover you’ve deleted something you still need, in this situation the recycling bin could be a liability.
Storage devices like USB keys and portable hard drives are convenient, but due to their portable size, they can easily be misplaced. Instead of using physical storage, businesses should use cloud-based office suites and storage services to provide access to information assets.
Good computer hygiene is pretty easy, once you’ve put the habits in place.
Update your software regularly—it serves a really valuable purpose. Any device that will be used for work purposes needs to have the latest version of all software, as the updates frequently include security patches for recently discovered risks alongside the updated features. If you perform updates regularly, they don’t take that much time—it’s when you click Remind Me Later a dozen times that things start to pile up.
Using antivirus protection is another simple-but-helpful habit. These endpoint protection solutions (such as McAfee, Cylance, Crowdstrike, Trend, and Symantec) secure your computer by scanning your files and comparing specific code to their database of known malicious code. They’ve been around for decades, so there are plenty of reviews available to help you determine which one to go with. You can give yourself an additional layer of protection by regularly backing up your device to a work-approved cloud backup service. Having a recent backup will allow you to restore your data to a point before the malware was present on your system. Backing up data to a cloud service will also allow you to minimize the number of business assets stored on your personal devices.
If you’re using devices supplied by your employer, make sure they’re equipped with any virtual private network (VPN) services your office uses. These programs include security controls, such as filtering and logging, that are intended to prevent cyber impacts.
Unfortunately, not everybody uses the internet for good, ethical purposes. Abrupt changes to business practices and work habits—such as an entire office working from home—may expose vulnerabilities that aren’t present in your office. Be smart and diligent about opening emails, downloading files, or clicking on links from unknown sources—just like usual! If an email seems suspicious, check the sender’s email address for spelling errors, look for poor grammar, hover over links to see the url, and if you are unsure, contact the sender by a phone number or email address that you find somewhere other than in the suspicious email.
Don’t forget about the importance of good passwords. And by good, we mean strong and unique. Use a mix of numbers, symbols, and letters wherever allowed. Don’t use something obvious like your birthdate or your street address. And make sure your password is at least 8 characters long—longer passwords help to stall programs that are designed to break into password-protected accounts.
Most of us are familiar with password best practices, but a lot of us don’t follow them. Don’t share your password with others or share access to accounts; change your passwords regularly; and use different passwords for different accounts. If that fills you with dread at the thought of forgetting them all, consider using a password manager to keep track—it’s a much better option than writing them all down in a notebook.
For another layer of password security, set up two-factor authentication. The extra step could be an email or text message confirmation, or a biometric method like facial recognition or fingerprint scan.
While we’re on the topic of passwords: don’t forget your router and your printer. Any connected but unprotected device is a weak point that could be exploited. Many people don’t bother changing the password on their home router after it’s first installed, but it’s an easy and valuable step in securing your network.
If you require further assistance or have more detailed questions around security related to work from home or anything else please visit sasktel.com, reach out to your SaskTel sales prime, or call 1-844-SASKTEL.
SaskTel’s experts know how to keep your business safe.
We built Saskatchewan’s favourite networks so you can stay close to your people who matter most. Whether you’re overseas or just around the corner, we make sure you’re always connected to your friends, family, and your world.