Cybercriminals are increasingly using phishing techniques when they attack companies. Phishing is a versatile solution. Phishers can gain information, direct the unsuspecting to sites loaded with ransomware or other malware or get employees to effect monetary transfers.
In this article, we highlighted how this posed an especial danger to companies allowing employees to work from home. As a follow-up, today we’ll explain how employees can better secure their home working environments.
Physical Security
Securing your data entails more than just limiting cyber access to files. Physically securing the devices used is your essential first step.
Start with the basics:
Encrypt company data in case the device is stolen. Theft is often a bigger risk in a private home. You have no control over this. You can, however, encrypt the data on the device.
All devices must be password-locked. Even better, use multi-factor authentication to better secure the device. Employees must log in on boot up and if the computer is inactive. Set the time limit for inactivity to five or ten minutes to prevent a casual visitor from stealing a look when the employee’s attention is elsewhere.
Limit access to company computers in the home environment. Your employee’s child cannot, for example, use a company device to look up information for a school project. Where possible, secure the device out of sight and reach when not in use.
Secure the Router
Secure access to the internet is crucial for remote workers. This starts with the router. Following these tips improves security:
- Ensure that the router is one still supported by the manufacturer. If the manufacturer no longer sends out security patches, the router is no longer secure.
- Check that the router’s software is up to date. Most modern routers update their software by default. It’s worth checking, though, as someone may have instead chosen manual updates.
- Make sure that encryption is enabled on the router. The settings should be at the highest possible level of protection.
- Change the default SSID name of the router to something generic that has no identifying information in it.
- If it hasn’t already been done, change the default password to something strong and unique.
Create a Separate Office Network
Your employees should create an extra user on their network. This user will be for the office work only. This guest user must:
- Connect to as few devices as possible. Ideally, it should be the only user permitted on the network. Employees may add a printer or equipment necessary for the performance of their duties. No other personal or IoT devices should be allowed to connect.
- Have its own unique, strong password. This password is not to be shared with anyone.
Final Notes
These tips provide extra assurances for businesses that home networks are more secure. That said, it’s never wise to consider your data completely secure in the cyber realm. Use these tips as part of your overall cybersecurity strategy.
Layer up more protection by adding good anti-virus and email scanning software. Then bring everything home by revising good cybersecurity practices with employees regularly.