WORKING FROM HOME SECURELY
Thought I should start this blog off by talking about something that’s quite relevant right now: working from home. In particular, working from home securely, and how you can accomplish this. Let’s break this down into two parts: Physical Security, and then Computer Security.
- Keep away from windows. This may sound strange, but hear me out. Whilst working from home, try to avoid working near windows which are visible from street level. This may give someone an opportunity to look at what you are working on, or even see the passwords you are entering.
- Lock your devices. If you are not using your PC, Tablet, Laptop etc – make sure to lock it or shut it down. This will stop a family member, roommate or visitor from seeing information they aren’t meant to, or even worse tampering with your device. If you have a physical lock such as a Kensington or Mac lock, use it to stop someone moving the device too.
- Store devices securely. Once you are done for the day, make sure you store all work devices securely. Put them away out of sight – this will stop family members moving them, and in a worst case stop them from being stolen.
- Full Disk encryption. Whilst we are all working at home for a long period of time, it is worth setting up a product such as BitLocker (https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview). This adds an extra layer of security to your laptop – meaning the drive is fully encrypted and requires a unique PIN to unlock.
- Turn OFF Network Discovery. Your work devices must not be visible to the home devices on your network, as this might cause an intrusion to occur. To stop this from happening (on Windows) go to Network and Sharing Center, Advanced Sharing Settings and turn Network Discovery OFF.
- Change your Home Router default password. Many people are now working from home using their own WiFi. The issue with this is that many home routers are insecure because they use default credentials. The following guide talks through how to fix this problem: https://www.techradar.com/uk/broadband/how-to-change-your-router-password
- Use your company provided VPN, Backups and AntiVirus. Most medium and large companies will provide employees access to these by default. So what do you need to do? Make sure you are always using the VPN when working, as it will encrypt your data and hide your details. Also ensure Backups and AntiVirus are working as intended. You will usually receive popups or errors if these have any issues – contact your company service desk immediately to get these sorted.
- What to do if your company doesn’t provide these? If you don’t have a VPN, I would personally recommend https://nordvpn.com/pricing/ – they offer the best service in my experience. For Backups, I really like https://www.idrive.com/ – it is reasonably priced and will ensure anything you are working on is safe. Finally, Antivirus: Avast is a great free antivirus – https://www.avast.com/windows-10-antivirus. There are lots of paid-for antivirus products out there but Avast Free will do the job in most cases.
- Keep up to date with basic cyber security training. When you start at a company, it is likely you are given basic security training. This will include how to spot a malicious email (Phishing) or something potentially malicious on your PC, and how to report them. Refresh this knowledge and make sure you are up to date with how to spot and report cyber security issues.
- Update, Update, Update! Update! Did I say that enough times? Regularly check that your PC is up to date and if you notice any issues with updates on your PC – tell someone, don’t just ignore it!
- Be aware of phishing emails, malicious sites and smishing. Threat actors are taking advantage of the current Covid-19 pandemic and creating fake emails, websites and SMS messages which use Covid-19 as the subject to try and lure you in. Be vigilant if you get an email, SMS or any sort of communication relating to it. It is highly likely it could be malicious. Look out for poor grammar or communications from users you have never spoken to. For websites – look for missing padlocks (no https), strange domain names and check them on sites such as https://urlscan.io/ or https://www.virustotal.com/gui/home/upload to see if they are in fact malicious or not.
- Strong Passwords. You may currently be getting new credentials to help you work from home. Ensure you are creating strong, unique passwords for each account (use a site like https://passwordsgenerator.net/ to help with this).
- Two Factor Authentication. Once you are done creating a strong password, check if you can set up 2FA for the login. Two factor authentication is a secondary method, such as a physical fob, an email or an SMS, which greatly increases the security of an account.
- Communicate Securely. Hopefully your business has already provided a way to communicate securely – if not, there are some ways to do this yourself. Messaging apps such as WhatsApp provide an easy way to send messages encrypted end to end. If you need to send a one-time secret, such as a new password, use https://password.link/. If you need to send secure emails, use https://www.sendinc.com/.
- ZOOM. Many companies are now using Zoom for meetings; however, it is easy to exploit this software. The exploit allows uninvited people to join meetings and share anything they like. To stop this from happening, the meeting host has to go to Advanced Sharing Options and set it to Only Host. It is also recommended by Zoom to enable passwords for meetings so only authorized users can connect.
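The BitLocker and Network Discovery items above can also be checked from an elevated PowerShell prompt instead of clicking through the settings screens. The script below is an added example, not part of the original post; it only reads settings, its function names are made up for illustration, and it assumes an English-language Windows install, because the 'Network Discovery' firewall group name is localized.

```powershell
# Added example: read-only audit of two settings from the list above.
# Run from an elevated PowerShell prompt (Get-BitLockerVolume needs admin rights).
# Function names are illustrative, not part of any Microsoft module.

function Test-DiskEncryption {
    # One result per volume: protection must be On and the volume fully encrypted.
    foreach ($vol in Get-BitLockerVolume) {
        $protectors = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
        [pscustomobject]@{
            Check  = "BitLocker on $($vol.MountPoint)"
            Pass   = ($vol.ProtectionStatus -eq 'On' -and
                      $vol.VolumeStatus -eq 'FullyEncrypted')
            # A TpmPin protector means a PIN is asked for at boot, as the post describes.
            Detail = "status=$($vol.VolumeStatus); protectors=$($protectors -join ',')"
        }
    }
}

function Test-NetworkDiscovery {
    # Network Discovery is a group of firewall rules. Assumption: English
    # Windows, where the group's display name is 'Network Discovery'.
    foreach ($net in Get-NetConnectionProfile) {
        # Map the network's category to the firewall profile name used by rules.
        $fwProfile = if ($net.NetworkCategory -eq 'DomainAuthenticated') { 'Domain' } else { "$($net.NetworkCategory)" }
        # Enabled inbound discovery rules that apply to this network's profile.
        $open = @(Get-NetFirewallRule -DisplayGroup 'Network Discovery' `
                    -Enabled True -Direction Inbound -ErrorAction SilentlyContinue |
                  Where-Object { "$($_.Profile)" -match "Any|$fwProfile" })
        [pscustomobject]@{
            Check  = "Network Discovery on '$($net.Name)' ($fwProfile)"
            Pass   = ($open.Count -eq 0)
            Detail = "$($open.Count) inbound discovery rule(s) enabled"
        }
    }
}

$results = @(Test-DiskEncryption) + @(Test-NetworkDiscovery)
$results | Format-Table Check, Pass, Detail -AutoSize -Wrap

# To switch discovery off from the same prompt instead of the Control Panel:
#   Set-NetFirewallRule -DisplayGroup 'Network Discovery' -Enabled False
```

A row with Pass = False is the one to fix or to raise with your company service desk.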
Phew, done. I hope you enjoyed the first blog post. If you follow these steps it will help you a lot when working at home to stay secure. Please follow the blog, comment if you found this helpful and subscribe to the newsletter, out soon!