As more employers are recommending – or mandating – telework for their employees to keep safe and productive during the COVID-19 outbreak, we believe it’s important to share best practices for remote teams.
There are several tips that will improve the security of remote networks and combat concerns affecting network equipment meant for personal use.
Top Risks of Remote Work
Working remotely can be a convenient and productive alternative to being on-site – if you’re prepared, that is. For those who are working remotely for the first time, there are some risks to consider:
Working Remotely – and Securely
Many companies are putting together work-from-home plans that include specific directions for how to handle certain aspects of cybersecurity and provide access to security tools. Make sure you protect yourself while working remote – and all the time – by aligning with the following basic security principles.1. Establish Strong Passwords
It’s as important as ever to ensure that all of your accounts are protected with strong passwords. Many people still use the same password across multiple accounts, which means one compromised password can allow a criminal to take over all of your accounts. “Credential stuffing” is a term used when ‘bad guys’ use leaked usernames/passwords to log into other online accounts. Passwords should be unique for every account and comprise a long string of upper- and lower-case letters, numbers, and special characters. It is essentially impossible to properly secure your accounts in this manner without the use of a password manager. We personally recommend looking into an option like LastPass or Dashlane.2. Enable Two-Factor Authentication
Strong passwords, while necessary, are not enough to protect your online activity. Two-factor authentication (2FA) and multi-factor authentication (MFA) is an additional step that adds an extra layer of protection to your accounts by requiring a validation through email, text message, or biometrics.3. Utilize a VPN
Unsecured public Wi-Fi networks, like those at coffee shops and hotels, are prime spots for malicious parties to spy on internet traffic and collect confidential information. Make sure to always VPN software, either provided by your company or a COTS solution. CSO Online offers a list of several excellent VPN options.4. Use Antivirus Software
While firewalls and other protections help mitigate risks, some threats will get through. Ensuring antivirus and malware protection is installed, running, and up-to-date on all devices acts as a next line of defense.5. Secure Your Home Router
There are simple steps you can take to protect your home Wi-Fi network and prevent malicious parties from gaining access to your devices and information. This includes:
6. Install Updates
While undoubtedly irritating, device updates and patching are extremely important (yes, they do always pop up at the most inopportune times). Vendors use these updates to implement patches for critical security vulnerabilities in their software. In most cases, devices can be set to run updates automatically. Do this!7. Be Vigilant Against Phishing Emails
Emails (phishing), voicemails (vishing), and test messages (smishing) are used by cybercriminals to “phish” for information. To spot a phishing email, check the sender’s email address for spelling error and look for poor grammar in the subject line and/or email body. Hover over links to see the source URL and never click links or open attachments unless you trust the sender 100%. If any doubt exists, contact your company’s IT department for validation.
The above tips are a great starting point to protect yourself while working remotely. Here are a few additional resources to consider:
Likewise, Concord is always here to help. Please don’t hesitate to reach out to us if you need support while establishing a new remote work routine or looking for capable teams to assist with important business initiatives. We are here to help throughout this crisis (and beyond) and support your information risk management needs.